Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-03 | CVE-2019-4366 | Unspecified vulnerability in IBM Cognos Analytics 11.0.0/11.1.0 IBM Cognos Analytics 11.0 and 11.1 is susceptible to an information disclosure vulnerability where an attacker could gain access to cached browser data. | 5.3 |
| 2020-07-30 | CVE-2020-4186 | Information Exposure vulnerability in IBM Security Guardium 10.5/10.6/11.1 IBM Security Guardium 10.5, 10.6, and 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. | 5.3 |
| 2020-07-29 | CVE-2020-4645 | Cross-site Scripting vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0.0 through 2.0.9.1 is vulnerable to cross-site scripting. | 5.4 |
| 2020-07-29 | CVE-2020-4644 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0.0 through 2.0.9.1 could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
| 2020-07-29 | CVE-2020-4573 | Unspecified vulnerability in IBM Security KEY Lifecycle Manager 3.0.1/4.0 IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could disclose sensitive information due to responding to unauthenticated HTTP requests. | 5.3 |
| 2020-07-29 | CVE-2020-4572 | Information Exposure Through an Error Message vulnerability in IBM Security KEY Lifecycle Manager 3.0.1/4.0 IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |
| 2020-07-29 | CVE-2020-4569 | Unspecified vulnerability in IBM Security KEY Lifecycle Manager 3.0.1/4.0 IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism. | 6.5 |
| 2020-07-28 | CVE-2020-4465 | Classic Buffer Overflow vulnerability in IBM MQ Appliance IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1 LTS is vulnerable to a buffer overflow vulnerability due to an error within the channel processing code. | 6.5 |
| 2020-07-28 | CVE-2020-4319 | Information Exposure Through an Error Message vulnerability in IBM MQ Appliance IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 LTS, and 9.1 CD could allow under special circumstances, an authenticated user to obtain sensitive information due to a data leak from an error message within the pre-v7 pubsub logic. | 4.3 |
| 2020-07-28 | CVE-2020-4318 | Cross-site Scripting vulnerability in IBM products IBM Intelligent Operations Center for Emergency Management, Intelligent Operations Center (IOC), and IBM Water Operations for Waternamics are vulnerable to cross-site scripting. | 5.4 |