Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-03 | CVE-2020-4553 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM I2 Analysts Notebook 9.2.1/9.2.2 IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 6.9 |
| 2020-08-03 | CVE-2020-4552 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 6.9 |
| 2020-08-03 | CVE-2020-4551 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM I2 Analysts Notebook 9.2.1/9.2.2 IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 6.9 |
| 2020-08-03 | CVE-2020-4550 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM I2 Analysts Notebook 9.2.1/9.2.2 IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 6.9 |
| 2020-08-03 | CVE-2020-4549 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM I2 Analysts Notebook 9.2.1 IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 6.9 |
| 2020-08-03 | CVE-2020-4377 | XML Entity Expansion vulnerability in IBM Cognos Analytics 11.0.0/11.1.0 IBM Cognos Anaytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 6.4 |
| 2020-08-03 | CVE-2020-4328 | SQL Injection vulnerability in IBM Financial Transaction Manager FOR Multiplatform 3.2.4 IBM Financial Transaction Manager 3.2.4 is vulnerable to SQL injection. | 6.5 |
| 2020-08-03 | CVE-2019-4589 | Improper Privilege Management vulnerability in IBM Cognos Analytics 11.1.0/11.0.0 IBM Cognos Analytics 11.0 and 11.1 is vulnerable to privlege escalation where the "My schedules and subscriptions" page is visible and accessible to a less privileged user. | 4.0 |
| 2020-08-03 | CVE-2019-4366 | Information Exposure vulnerability in IBM Cognos Analytics 11.0.0/11.1.0 IBM Cognos Analytics 11.0 and 11.1 is susceptible to an information disclosure vulnerability where an attacker could gain access to cached browser data. | 5.0 |
| 2020-07-30 | CVE-2020-4186 | Information Exposure vulnerability in IBM Security Guardium 10.5/10.6/11.1 IBM Security Guardium 10.5, 10.6, and 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. | 5.0 |