Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-06 | CVE-2020-4484 | Information Exposure vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could disclose sensitive information to an authenticated user that could be used in further attacks against the system. | 4.0 |
| 2020-11-06 | CVE-2020-4483 | Information Exposure Through an Error Message vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.0 |
| 2020-11-06 | CVE-2020-4482 | Unspecified vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow an authenticated user to bypass security. | 4.0 |
| 2020-11-03 | CVE-2020-4785 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM APP Connect Enterprise Certified Container IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote attacker to hijack the clicking action of the victim. | 4.9 |
| 2020-11-03 | CVE-2020-4649 | Information Exposure vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace 57 could expose data to non-privleged users by not invalidating TM1Web user sessions. | 4.0 |
| 2020-10-30 | CVE-2020-4584 | Information Exposure Through an Error Message vulnerability in IBM I2 Ibase 8.9.13 IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.0 |
| 2020-10-29 | CVE-2019-4563 | Session Fixation vulnerability in IBM Security Directory Server 6.4.0.0 IBM Security Directory Server 6.4.0 does not set the secure attribute on authorization tokens or session cookies. | 5.0 |
| 2020-10-29 | CVE-2019-4547 | Information Exposure Through an Error Message vulnerability in IBM Security Directory Server 6.4.0.0 IBM Security Directory Server 6.4.0 generates an error message that includes sensitive information about its environment, users, or associated data. | 5.0 |
| 2020-10-28 | CVE-2020-4782 | Path Traversal vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. | 4.0 |
| 2020-10-28 | CVE-2020-4767 | Out-of-bounds Read vulnerability in IBM Sterling Connect:Direct IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. | 5.0 |