Vulnerabilities > IBM > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-30 | CVE-2020-4629 | Information Exposure Through an Error Message vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local user with specialized access to obtain sensitive information from a detailed technical error message. | 3.3 |
2020-09-15 | CVE-2020-4344 | Insecure Storage of Sensitive Information vulnerability in IBM Tivoli Business Service Manager 6.2.0.0 IBM Tivoli Business Service Manager 6.2.0.0 - 6.2.0.2 IF 1 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
2020-08-28 | CVE-2020-4591 | Missing Encryption of Sensitive Data vulnerability in IBM Spectrum Protect Server IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool. | 3.3 |
2020-08-26 | CVE-2019-4695 | Insecure Storage of Sensitive Information vulnerability in IBM Guardium Data Encryption 3.0.0.2 IBM Security Guardium Data Encryption (GDE) 3.0.0.2 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
2020-08-26 | CVE-2019-4699 | Information Exposure Through an Error Message vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 generates an error message that includes sensitive information about its environment, users, or associated data. | 2.7 |
2020-08-20 | CVE-2020-4548 | Improper Input Validation vulnerability in IBM Content Navigator 3.0.0/3.0.7/3.0.8 IBM Content Navigator 3.0.7 and 3.0.8 is vulnerable to improper input validation. | 2.7 |
2020-08-05 | CVE-2020-4243 | Session Fixation vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 Virtual Appliance could allow a remote attacker to obtain sensitive information using man in the middle techniques due to not properly invalidating session tokens. | 3.7 |
2020-07-22 | CVE-2020-4371 | Insecure Storage of Sensitive Information vulnerability in IBM Verify Gateway 1.0.0/1.0.1 IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 contains sensitive information in leftover debug code that could be used aid a local user in further attacks against the system. | 3.3 |
2020-07-01 | CVE-2019-4705 | Unspecified vulnerability in IBM Security Identity Manager Virtual Appliance 7.0.2 IBM Security Identity Manager Virtual Appliance 7.0.2 discloses sensitive information to unauthorized users. | 2.7 |
2020-07-01 | CVE-2019-4706 | Information Exposure Through Log Files vulnerability in IBM Security Identity Manager Virtual Appliance 7.0.2 IBM Security Identity Manager Virtual Appliance 7.0.2 writes information to log files which can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information. | 2.7 |