Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-29 | CVE-2017-1310 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Informix Dynamic Server 12.10 IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow that would write large assertion fail files to the server. | 6.5 |
| 2017-06-28 | CVE-2017-1106 | Cross-site Scripting vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-06-27 | CVE-2017-1328 | Unspecified vulnerability in IBM API Connect IBM API Connect 5.0.0.0 - 5.0.6.0 could allow a remote attacker to bypass security restrictions of the api, caused by improper handling of security policy. | 5.3 |
| 2017-06-27 | CVE-2017-1234 | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting. | 5.4 |
| 2017-06-27 | CVE-2016-9972 | Permissions, Privileges, and Access Controls vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.2 and 7.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2017-06-27 | CVE-2016-6083 | Information Exposure vulnerability in IBM Tivoli Monitoring IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. | 5.3 |
| 2017-06-23 | CVE-2017-1349 | Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 stores potentially sensitive information from HTTP sessions that could be read by a local user. | 5.5 |
| 2017-06-23 | CVE-2017-1348 | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. | 5.4 |
| 2017-06-23 | CVE-2017-1302 | Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 could allow a local user view sensitive information due to improper access controls. | 5.5 |
| 2017-06-23 | CVE-2017-1193 | Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 could allow user to obtain sensitive information using an HTTP GET request. | 6.5 |