Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-02 | CVE-2018-1878 | Information Exposure vulnerability in IBM Robotic Process Automation With Automation Anywhere 11 IBM Robotic Process Automation with Automation Anywhere 11 could disclose sensitive information in a web request that could aid in future attacks against the system. | 5.0 |
| 2018-11-02 | CVE-2018-1846 | XXE vulnerability in IBM Rational Engineering Lifecycle Manager IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 5.5 |
| 2018-11-02 | CVE-2018-1835 | XXE vulnerability in IBM Daeja Viewone 5.0 IBM Daeja ViewONE Professional, Standard & Virtual 5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 5.5 |
| 2018-10-29 | CVE-2018-1767 | Cross-site Scripting vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Cachemonitor is vulnerable to cross-site scripting. | 4.3 |
| 2018-10-29 | CVE-2018-1380 | Information Exposure vulnerability in IBM Infosphere Master Data Management 11.4/11.5/11.6 IBM InfoSphere Master Data Management Collaboration Server 11.4, 11.5, and 11.6 could allow an authenticated user with CA level access to change change their ca-id to another users and read sensitive information. | 4.0 |
| 2018-10-15 | CVE-2018-1747 | XXE vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 5.5 |
| 2018-10-15 | CVE-2018-1744 | Path Traversal vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 could allow a remote attacker to traverse directories on the system. | 4.0 |
| 2018-10-12 | CVE-2018-1844 | XXE vulnerability in IBM Filenet Content Manager 5.2.1/5.5.0 IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 5.5 |
| 2018-10-12 | CVE-2018-1770 | Path Traversal vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. | 4.0 |
| 2018-10-12 | CVE-2018-1838 | Information Exposure vulnerability in IBM Websphere Application Server 8.5.0.0/9.0.0.0 IBM WebSphere Application Server 8.5 and 9.0 in IBM Cloud could allow a remote attacker to obtain sensitive information caused by improper handling of passwords. | 4.0 |