Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-08 | CVE-2019-4601 | Information Exposure Through an Error Message vulnerability in IBM Rational Quality Manager 6.0.2/6.0.6/6.0.6.1 IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 could allow an authenticated user to obtain sensitive information from a stack trace that could aid in further attacks against the system. | 4.3 |
| 2020-04-02 | CVE-2020-4325 | Improper Resource Shutdown or Release vulnerability in IBM products The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, and 19.0.0.3 Global Teams REST API does not properly shutdown the thread pools that it creates to retrieve Global Teams information from the federated systems. | 6.5 |
| 2020-04-02 | CVE-2020-4304 | Cross-site Scripting vulnerability in IBM Websphere Application Server IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. | 6.1 |
| 2020-04-02 | CVE-2020-4303 | Cross-site Scripting vulnerability in IBM Websphere Application Server IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. | 6.1 |
| 2020-03-31 | CVE-2020-4240 | Path Traversal vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to traverse directories on the system. | 6.5 |
| 2020-03-31 | CVE-2020-4239 | Information Exposure Through an Error Message vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |
| 2020-03-31 | CVE-2020-4236 | Unspecified vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow an authenticated user to cause a denial of service due to improper content parsing in the project management module. | 6.5 |
| 2020-03-31 | CVE-2020-4235 | Cross-site Scripting vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site scripting. | 5.4 |
| 2020-03-24 | CVE-2020-4309 | Information Exposure vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD could disclose sensitive information to an unauthenticated user which could be used to aid in further attacks against the system. | 5.3 |
| 2020-03-24 | CVE-2019-4681 | Cross-site Scripting vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site scripting. | 6.1 |