Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-27 | CVE-2019-4729 | Information Exposure Through an Error Message vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.3 |
| 2020-04-24 | CVE-2020-4267 | Memory Leak vulnerability in IBM MQ and MQ Appliance IBM MQ and MQ Appliance 8.0, 9.1 LTS, and 9.1 CD could allow an authenticated user cause a denial of service due to a memory leak. | 6.5 |
| 2020-04-24 | CVE-2019-4751 | Information Exposure vulnerability in IBM Cloud APP Management 2019.3.0/2019.4.0 IBM Cloud App Management 2019.3.0 and 2019.4.0 reveals a stack trace on certain API requests which can allow an attacker further information about the implementation of the offering. | 5.3 |
| 2020-04-23 | CVE-2020-4353 | Unspecified vulnerability in IBM Maas360 3.96.62/6.82 IBM MaaS360 6.82 could allow a user with pysical access to the device to crash the application which may enable the user to access restricted applications and device settings. low complexity ibm | 4.6 |
| 2020-04-23 | CVE-2019-4735 | Unspecified vulnerability in IBM Maas360 3.96.62 IBM MaaS360 3.96.62 for iOS could allow an attacker with physical access to the device to obtain sensitive information from the agent outside of the container. low complexity ibm | 4.6 |
| 2020-04-23 | CVE-2019-4668 | Insufficiently Protected Credentials vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.0.4.0 stores user credentials in plain in clear text which can be read by a local user. | 5.5 |
| 2020-04-17 | CVE-2019-4749 | Cross-site Scripting vulnerability in IBM products IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. | 5.4 |
| 2020-04-17 | CVE-2019-4644 | Cross-site Scripting vulnerability in IBM products IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. | 6.1 |
| 2020-04-17 | CVE-2019-4446 | Unspecified vulnerability in IBM products IBM Maximo Asset Management 7.6 could allow an authenticated user perform actions they are not authorized to by modifying request parameters. | 5.4 |
| 2020-04-16 | CVE-2020-4338 | Information Exposure vulnerability in IBM MQ IBM MQ 9.1.4 could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data. | 5.5 |