Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2021-11-30 CVE-2021-38958 Unspecified vulnerability in IBM MQ Appliance 9.2.0.0
IBM MQ Appliance 9.2 CD and 9.2 LTS is affected by a denial of service attack caused by a concurrency issue.
local
low complexity
ibm
2.1
2021-11-17 CVE-2021-38959 Out-of-bounds Write vulnerability in IBM Spss Statistics
IBM SPSS Statistics for Windows 24.0, 25.0, 26.0, 27.0, 27.0.1, and 28.0 could allow a local user to cause a denial of service by writing arbitrary files to admin protected directories on the system.
local
low complexity
ibm CWE-787
2.1
2021-11-17 CVE-2021-29861 Unspecified vulnerability in IBM AIX and Vios
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in EFS to expose sensitive information.
local
low complexity
ibm
2.1
2021-11-17 CVE-2021-29860 Unspecified vulnerability in IBM AIX and Vios
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the libc.a library to expose sensitive information.
local
low complexity
ibm
2.1
2021-11-16 CVE-2021-38949 Cleartext Storage of Sensitive Information vulnerability in IBM MQ and Websphere MQ
IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which can be read by a local user.
local
low complexity
ibm CWE-312
2.1
2021-11-16 CVE-2021-38882 Unspecified vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.1.0 through 5.1.1.1 could allow a privileged admin to destroy filesystem audit logging records before expiration time.
local
low complexity
ibm
2.1
2021-11-15 CVE-2021-38982 Cross-site Scripting vulnerability in IBM products
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2021-11-15 CVE-2021-38976 Insufficiently Protected Credentials vulnerability in IBM products
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 stores user credentials in plain clear text which can be read by a local user.
local
low complexity
ibm CWE-522
2.1
2021-11-12 CVE-2020-4140 Cross-site Scripting vulnerability in IBM Security Siteprotector System 3.1.1.0
IBM Security SiteProtector System 3.1.1 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2021-11-08 CVE-2021-29735 Cross-site Scripting vulnerability in IBM Security Guardium
IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, and 11.3 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5