Vulnerabilities > IBM > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-03 | CVE-2021-38909 | Cross-site Scripting vulnerability in multiple products IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site scripting. | 3.5 |
2021-11-30 | CVE-2021-39000 | Information Exposure vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local attacker to obtain sensitive information by inclusion of sensitive data within diagnostics. | 2.1 |
2021-11-30 | CVE-2021-38999 | Information Exposure vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace. | 2.1 |
2021-11-30 | CVE-2021-38958 | Unspecified vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance 9.2 CD and 9.2 LTS is affected by a denial of service attack caused by a concurrency issue. | 2.1 |
2021-11-17 | CVE-2021-38959 | Out-of-bounds Write vulnerability in IBM Spss Statistics IBM SPSS Statistics for Windows 24.0, 25.0, 26.0, 27.0, 27.0.1, and 28.0 could allow a local user to cause a denial of service by writing arbitrary files to admin protected directories on the system. | 2.1 |
2021-11-17 | CVE-2021-29861 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in EFS to expose sensitive information. | 2.1 |
2021-11-17 | CVE-2021-29860 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the libc.a library to expose sensitive information. | 2.1 |
2021-11-16 | CVE-2021-38949 | Cleartext Storage of Sensitive Information vulnerability in IBM MQ and Websphere MQ IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which can be read by a local user. | 2.1 |
2021-11-16 | CVE-2021-38882 | Unspecified vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.1.0 through 5.1.1.1 could allow a privileged admin to destroy filesystem audit logging records before expiration time. | 2.1 |
2021-11-15 | CVE-2021-38982 | Cross-site Scripting vulnerability in IBM products IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 is vulnerable to cross-site scripting. | 3.5 |