Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-11 | CVE-2018-2009 | Information Exposure vulnerability in IBM API Connect IBM API Connect v2018.1 and 2018.4.1 is affected by an information disclosure vulnerability in the consumer API. | 4.0 |
| 2019-03-11 | CVE-2018-1974 | Unspecified vulnerability in IBM Websphere MQ IBM WebSphere 8.0.0.0 through 9.1.1 could allow an authenticated attacker to escalate their privileges when using multiplexed channels. network ibm | 6.0 |
| 2019-03-11 | CVE-2018-1923 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. | 4.6 |
| 2019-03-11 | CVE-2018-1922 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. | 4.6 |
| 2019-03-11 | CVE-2018-1902 | Information Exposure vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to spoof connection information which could be used to launch further attacks against the system. | 4.0 |
| 2019-03-11 | CVE-2018-1890 | Uncontrolled Search Path Element vulnerability in IBM SDK 8.0 IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. | 4.6 |
| 2019-03-06 | CVE-2019-4030 | Cross-site Scripting vulnerability in IBM products IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. | 5.4 |
| 2019-03-05 | CVE-2019-4063 | Cleartext Transmission of Sensitive Information vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition could allow highly sensitive information to be transmitted in plain text. | 5.9 |
| 2019-03-05 | CVE-2019-4029 | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. | 5.4 |
| 2019-03-05 | CVE-2019-4028 | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. | 5.4 |