Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2021-12-03 CVE-2021-38909 Cross-site Scripting vulnerability in multiple products
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site scripting.
network
ibm netapp CWE-79
3.5
3.5
2021-11-30 CVE-2021-39000 Information Exposure vulnerability in IBM MQ Appliance 9.2.0.0
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local attacker to obtain sensitive information by inclusion of sensitive data within diagnostics.
local
low complexity
ibm CWE-200
2.1
2.1
2021-11-30 CVE-2021-38999 Information Exposure vulnerability in IBM MQ Appliance 9.2.0.0
IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace.
local
low complexity
ibm CWE-200
2.1
2.1
2021-11-30 CVE-2021-38958 Unspecified vulnerability in IBM MQ Appliance 9.2.0.0
IBM MQ Appliance 9.2 CD and 9.2 LTS is affected by a denial of service attack caused by a concurrency issue.
local
low complexity
ibm
2.1
2.1
2021-11-17 CVE-2021-38959 Out-of-bounds Write vulnerability in IBM Spss Statistics
IBM SPSS Statistics for Windows 24.0, 25.0, 26.0, 27.0, 27.0.1, and 28.0 could allow a local user to cause a denial of service by writing arbitrary files to admin protected directories on the system.
local
low complexity
ibm CWE-787
2.1
2.1
2021-11-17 CVE-2021-29861 Unspecified vulnerability in IBM AIX and Vios
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in EFS to expose sensitive information.
local
low complexity
ibm
2.1
2.1
2021-11-17 CVE-2021-29860 Unspecified vulnerability in IBM AIX and Vios
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the libc.a library to expose sensitive information.
local
low complexity
ibm
2.1
2.1
2021-11-16 CVE-2021-38949 Cleartext Storage of Sensitive Information vulnerability in IBM MQ and Websphere MQ
IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which can be read by a local user.
local
low complexity
ibm CWE-312
2.1
2.1
2021-11-16 CVE-2021-38882 Unspecified vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.1.0 through 5.1.1.1 could allow a privileged admin to destroy filesystem audit logging records before expiration time.
local
low complexity
ibm
2.1
2.1
2021-11-15 CVE-2021-38982 Cross-site Scripting vulnerability in IBM products
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5