Vulnerabilities > IBM > Medium

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | TAGS | RISK |
|---|---|---|---|---|---|---|---|
| 2020-02-03 | CVE-2020-4224 | Cleartext Storage of Sensitive Information vulnerability in IBM StoredIQ | IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. | local | low complexity | ibm CWE-312 | 5.5 |
| 2020-02-03 | CVE-2019-4732 | Untrusted Search Path vulnerability in IBM SDK and WebSphere Application Server | IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. | local | low complexity | ibm CWE-426 | 6.5 |
| 2020-01-28 | CVE-2019-4679 | Unspecified vulnerability in IBM Content Navigator 3.0.0 | IBM Content Navigator 3.0CD could allow an authenticated user to gain information about the hosting operating system and version that could be used in further attacks against the system. | network | low complexity | ibm | 4.3 |
| 2020-01-28 | CVE-2019-4637 | Unspecified vulnerability in IBM Security Secret Server 10.6/10.7 | IBM Security Secret Server 10.7 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. | network | low complexity | ibm | 4.3 |
| 2020-01-28 | CVE-2019-4633 | Exposure of Resource to Wrong Sphere vulnerability in IBM Security Secret Server 10.6/10.7 | IBM Security Secret Server 10.7 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. | network | low complexity | ibm CWE-668 | 4.3 |
| 2020-01-28 | CVE-2019-4632 | Cross-site Scripting vulnerability in IBM Security Secret Server 10.6/10.7 | IBM Security Secret Server 10.7 is vulnerable to cross-site scripting. | network | low complexity | ibm CWE-79 | 6.1 |
| 2020-01-28 | CVE-2019-4631 | Open Redirect vulnerability in IBM Security Secret Server 10.6/10.7 | IBM Security Secret Server 10.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | network | low complexity | ibm CWE-601 | 6.1 |
| 2020-01-28 | CVE-2019-4614 | Unspecified vulnerability in IBM MQ and MQ Appliance | IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS client connecting to a Queue Manager could cause a SIGSEGV denial of service caused by converting an invalid message. | network | low complexity | ibm | 6.5 |
| 2020-01-28 | CVE-2019-4568 | Unspecified vulnerability in IBM MQ and MQ Appliance | IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS could allow a remote attacker with intimate knowledge of the server to cause a denial of service when receiving data on the channel. | network | high complexity | ibm | 5.9 |
| 2020-01-23 | CVE-2012-4863 | Resource Exhaustion vulnerability in IBM WebSphere MQ 7.1.0.0/7.1.0.1/7.5.0.0 | IBM WebSphere MQ 7.1 and 7.5: Queue manager has a DoS vulnerability | network | low complexity | ibm CWE-400 | 6.5 |