Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-04 | CVE-2019-4514 | Information Exposure vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0, and 3.0.1 discloses sensitive information to unauthorized users. | 5.3 |
| 2019-10-03 | CVE-2019-4441 | Information Exposure Through an Error Message vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. | 5.3 |
| 2019-10-02 | CVE-2019-4549 | Insecure Storage of Sensitive Information vulnerability in IBM Security Directory Server 6.4.0 IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. | 5.3 |
| 2019-10-02 | CVE-2019-4542 | Cross-site Scripting vulnerability in IBM Security Directory Server 6.4.0 IBM Security Directory Server 6.4.0 is vulnerable to cross-site scripting. | 6.1 |
| 2019-10-01 | CVE-2019-4497 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. | 5.4 |
| 2019-10-01 | CVE-2019-4495 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. | 5.4 |
| 2019-10-01 | CVE-2019-4494 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. | 5.4 |
| 2019-10-01 | CVE-2019-4246 | Unspecified vulnerability in IBM Daeja Viewone IBM Daeja ViewONE Virtual 5.0 through 5.0.6 could expose internal parameters to ViewONE clients that could be used in further attacks against the system. | 5.3 |
| 2019-09-30 | CVE-2019-4423 | Path Traversal vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 could allow a remote attacker to traverse directories on the system. | 5.3 |
| 2019-09-30 | CVE-2019-4305 | Reliance on Cookies without Validation and Integrity Checking vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by the improper setting of a cookie. | 5.3 |