Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-17 | CVE-2018-2022 | Information Exposure vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.2 and 7.3 discloses sensitive information to unauthorized users. | 5.3 |
| 2019-07-17 | CVE-2018-2021 | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. | 6.1 |
| 2019-07-17 | CVE-2018-1921 | Cross-site Scripting vulnerability in IBM Campaign IBM Campaign 9.1.0, 9.1.2, 10.1, and 11.0 is vulnerable to cross-site scripting. | 5.4 |
| 2019-07-11 | CVE-2019-4263 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD is vulnerable to local file inclusion, allowing an attacker to access a configuration file in the ICN server. | 4.3 |
| 2019-07-11 | CVE-2019-4131 | Unspecified vulnerability in IBM Cloud Application Performance Management 8.1.4 IBM Application Performance Management (IBM Monitoring 8.1.4) could allow a remote attacker to induce the application to perform server-side DNS lookups of arbitrary domain names. | 5.0 |
| 2019-07-11 | CVE-2019-4118 | Unspecified vulnerability in IBM Multicloud Manager 3.1.0/3.1.1/3.1.2 IBM Multicloud Manager 3.1.0, 3.1.1, and 3.1.2 ibm-mcm-chart could allow a local attacker with admin privileges to obtain highly sensitive information upon deployment. | 4.4 |
| 2019-07-11 | CVE-2018-1968 | Information Exposure vulnerability in IBM Security Identity Manager Virtual Appliance 7.0.1/7.0.1.12 IBM Security Identity Manager 7.0.1 discloses sensitive information to unauthorized users. | 5.3 |
| 2019-07-02 | CVE-2019-4260 | Unspecified vulnerability in IBM Daeja Viewone IBM Daeja ViewONE Professional, Standard & Virtual 5.0 through 5.0.5 could allow an unauthorized user to download server files resulting in sensitive information disclosure. | 5.3 |
| 2019-07-02 | CVE-2019-4134 | Cross-site Scripting vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. | 6.1 |
| 2019-07-02 | CVE-2019-4129 | Information Exposure Through an Error Message vulnerability in IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to obtain sensitive information, caused by an error message containing a stack trace. | 5.3 |