Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-20 | CVE-2020-4466 | Unspecified vulnerability in IBM MQ for HPE Nonstop 8.0.4/8.1.0 IBM MQ for HPE NonStop 8.0.4 and 8.1.0 could allow a remote authenticated attacker could cause a denial of service due to an error within the Queue processing function. | 6.5 |
| 2020-07-20 | CVE-2020-4361 | Information Exposure vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information by disclosing private IP addresses in HTTP responses. | 4.3 |
| 2020-07-16 | CVE-2020-4316 | Unspecified vulnerability in IBM Publishing Engine and Rational Publishing Engine IBM Publishing Engine 6.0.6, 6.0.6.1, and 7.0 does not set the secure attribute on authorization tokens or session cookies. | 4.7 |
| 2020-07-16 | CVE-2019-4748 | Cross-site Scripting vulnerability in IBM products IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. | 5.4 |
| 2020-07-16 | CVE-2019-4747 | Cross-site Scripting vulnerability in IBM products IBM Team Concert (RTC) is vulnerable to cross-site scripting. | 5.4 |
| 2020-07-14 | CVE-2020-4513 | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. | 6.1 |
| 2020-07-14 | CVE-2020-4511 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3 and 7.4 could allow an authenticated user to cause a denial of service of the qflow process by sending a malformed sflow command. | 6.5 |
| 2020-07-14 | CVE-2020-4510 | XXE vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 5.5 |
| 2020-07-14 | CVE-2020-4364 | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. | 5.4 |
| 2020-07-09 | CVE-2020-4173 | Unspecified vulnerability in IBM products IBM Guardium Activity Insights 10.6 and 11.0 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |