Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-27 | CVE-2018-1760 | Cross-site Scripting vulnerability in IBM products IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. | 5.4 |
| 2019-06-27 | CVE-2018-1758 | Cross-site Scripting vulnerability in IBM products IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. | 5.4 |
| 2019-06-27 | CVE-2018-1734 | Information Exposure vulnerability in IBM products IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be used by a malicious user to orchestrate further attacks. | 4.3 |
| 2019-06-26 | CVE-2019-4234 | Unspecified vulnerability in IBM Pureapplication System IBM PureApplication System 2.2.3.0 through 2.2.5.3 weakness in the implementation of locking feature in pattern editor. | 4.3 |
| 2019-06-26 | CVE-2019-4225 | Information Exposure Through Log Files vulnerability in IBM Pureapplication System IBM PureApplication System 2.2.3.0 through 2.2.5.3 stores potentially sensitive information in log files that could be read by a local user. | 4.4 |
| 2019-06-25 | CVE-2019-4382 | Cleartext Transmission of Sensitive Information vulnerability in IBM API Connect IBM API Connect 5.0.0.0 through 5.0.8.6 could allow an unauthorized user to obtain sensitive information about the system users using specially crafted HTTP requests. | 5.3 |
| 2019-06-25 | CVE-2019-4377 | Information Exposure Through an Error Message vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace that could be used in further attacks against the system. | 4.3 |
| 2019-06-25 | CVE-2019-4158 | Missing Authorization vulnerability in IBM Security Access Manager IBM Security Access Manager 9.0.1 through 9.0.6 does not prove that a user's identity is correct which can lead to the exposure of resources or functionality to unintended actors. | 5.4 |
| 2019-06-25 | CVE-2019-4157 | Cross-site Scripting vulnerability in IBM Security Access Manager IBM Security Access Manager 9.0.1 through 9.0.6 is vulnerable to cross-site scripting. | 6.1 |
| 2019-06-25 | CVE-2019-4156 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Access Manager IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.9 |