Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-28 | CVE-2019-4568 | Improper Input Validation vulnerability in IBM MQ and MQ Appliance IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS could allow a remote attacker with intimate knowledge of the server to cause a denial of service when receiving data on the channel. | 4.3 |
| 2020-01-23 | CVE-2012-4863 | Resource Exhaustion vulnerability in IBM Websphere MQ 7.1.0.0/7.1.0.1/7.5.0.0 IBM WebSphere MQ 7.1 and 7.5: Queue manager has a DoS vulnerability | 4.0 |
| 2020-01-21 | CVE-2020-7239 | Cross-site Scripting vulnerability in IBM Chatbot With IBM Watson The conversation-watson plugin before 0.8.21 for WordPress has a DOM-based XSS vulnerability that is executed when a chat message containing JavaScript is sent. | 4.3 |
| 2020-01-10 | CVE-2019-4559 | Information Exposure vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3.0 through 7.3.3 discloses sensitive information to unauthorized users. | 5.0 |
| 2019-12-30 | CVE-2019-4655 | Improper Input Validation vulnerability in IBM MQ and MQ Appliance IBM MQ 9.1.0.0, 9.1.0.1, 9.1.0.2, 9.1.0.3, 9.1.1, 9.1.2, and 9.1.3 is vulnerable to a denial of service attack that would allow an authenticated user to reset client connections due to an error within the Data Conversion routine. | 4.0 |
| 2019-12-30 | CVE-2019-4343 | Incorrect Authorization vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 allows overly permissive cross-origin resource sharing which could allow an attacker to transfer private information. | 6.5 |
| 2019-12-30 | CVE-2018-1682 | Information Exposure vulnerability in IBM Watston Studio Local 1.2.3 IBM Watson Studio Local 1.2.3 could disclose sensitive information over the network that an attacked could use in further attacks against the system. | 5.0 |
| 2019-12-20 | CVE-2019-4744 | Cross-site Scripting vulnerability in IBM Financial Transaction Manager FOR Multiplatform 3.0.0.0 IBM Financial Transaction Manager 3.0 is vulnerable to cross-site scripting. | 4.3 |
| 2019-12-20 | CVE-2019-4743 | Cleartext Transmission of Sensitive Information vulnerability in IBM Financial Transaction Manager FOR Multiplatform 3.0.0.0 IBM Financial Transaction Manager 3.0 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
| 2019-12-20 | CVE-2019-4742 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Financial Transaction Manager FOR Multiplatform 3.0.0.0 IBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim. | 4.3 |