Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-02 | CVE-2020-4546 | Cross-site Scripting vulnerability in IBM products IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. | 5.4 |
| 2020-09-02 | CVE-2020-4522 | Cross-site Scripting vulnerability in IBM products IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. | 5.4 |
| 2020-09-02 | CVE-2020-4445 | Cross-site Scripting vulnerability in IBM products IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. | 5.4 |
| 2020-09-01 | CVE-2012-3341 | Cross-site Scripting vulnerability in IBM Infosphere Guardium IBM InfoSphere Guardium 7.0, 8.0, 8.01, and 8.2 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. | 5.4 |
| 2020-09-01 | CVE-2012-3340 | XML Entity Expansion vulnerability in IBM Infosphere Guardium 8.0/8.0.1/8.2 IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to XML external entity injection, caused by improper validation of user-supplied input. | 4.3 |
| 2020-09-01 | CVE-2012-3338 | Improper Input Validation vulnerability in IBM Infosphere Guardium 8.0/8.01/8.2 IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to bypass security restrictions, caused by improper restrictions on the create new user account functionality. | 5.3 |
| 2020-09-01 | CVE-2012-3337 | Path Traversal vulnerability in IBM Infosphere Guardium 8.0/8.01/8.2 IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to traverse directories on the system. | 5.3 |
| 2020-08-31 | CVE-2020-4492 | Argument Injection or Modification vulnerability in IBM Spectrum Scale IBM Spectrum Scale V5.0.0.0 through V5.0.4.3 and V4.2.0.0 through V4.2.3.21 could allow a local attacker to cause a denial of service crashing the kernel by sending a subset of ioctls on the device with invalid arguments. | 5.5 |
| 2020-08-28 | CVE-2019-4579 | Unspecified vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0 IBM Resilient SOAR 38 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. | 4.3 |
| 2020-08-28 | CVE-2019-4533 | Improper Input Validation vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0 IBM Resilient SOAR V38.0 users may experience a denial of service of the SOAR Platform due to a insufficient input validation. | 4.3 |