Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-20 | CVE-2019-4420 | Information Exposure Through an Error Message vulnerability in IBM products IBM Intelligent Operations Center V5.1.0 through V5.2.0 could disclose detailed error messages, revealing sensitive information that could aid in further attacks against the system. | 6.2 |
| 2019-08-20 | CVE-2019-4402 | Unspecified vulnerability in IBM API Connect IBM API Connect 2018.1 through 2018.4.1.6 developer portal could allow an unauthorized user to cause a denial of service via an unprotected API. | 5.0 |
| 2019-08-20 | CVE-2019-4308 | Information Exposure Through an Error Message vulnerability in IBM products IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 could allow an authenticated user to obtain sensitive information from error messages IBM X-Force ID: 161034. | 4.3 |
| 2019-08-20 | CVE-2018-1636 | Out-of-bounds Write vulnerability in IBM Informix Dynamic Server 12.10 Stack-based buffer overflow in oninit in IBM Informix Dynamic Server Enterprise Edition 12.1 allows an authenticated user to execute predefined code with root privileges, such as escalating to a root shell. | 6.7 |
| 2019-08-20 | CVE-2018-1635 | Out-of-bounds Write vulnerability in IBM Informix Dynamic Server 12.10 Stack-based buffer overflow in oninit in IBM Informix Dynamic Server Enterprise Edition 12.1 allows an authenticated user to execute predefined code with root privileges, such as escalating to a root shell. | 6.7 |
| 2019-08-20 | CVE-2018-1634 | Link Following vulnerability in IBM Informix Dynamic Server 12.10 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in infos.DBSERVERNAME. | 6.7 |
| 2019-08-20 | CVE-2018-1633 | Link Following vulnerability in IBM Informix Dynamic Server 12.10 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onsrvapd. | 6.7 |
| 2019-08-20 | CVE-2018-1632 | Link Following vulnerability in IBM Informix Dynamic Server 12.10 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in .infxdirs. | 6.7 |
| 2019-08-20 | CVE-2018-1631 | Link Following vulnerability in IBM Informix Dynamic Server 12.1 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in oninit mongohash. | 6.7 |
| 2019-08-20 | CVE-2018-1630 | Link Following vulnerability in IBM Informix Dynamic Server 12.1 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onmode. | 6.7 |