Vulnerabilities > IBM > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-27 | CVE-2022-43909 | Cross-site Scripting vulnerability in IBM Security Guardium 11.4 IBM Security Guardium 11.4 is vulnerable to cross-site scripting. | 5.4 |
2023-08-27 | CVE-2023-30435 | Cross-site Scripting vulnerability in IBM Security Guardium 11.3/11.4/11.5 IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. | 5.4 |
2023-08-27 | CVE-2023-30436 | Cross-site Scripting vulnerability in IBM Security Guardium 11.3/11.4/11.5 IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site scripting. | 5.4 |
2023-08-27 | CVE-2023-30437 | Unspecified vulnerability in IBM Security Guardium 11.3/11.4/11.5 IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request. | 5.3 |
2023-08-27 | CVE-2023-33852 | SQL Injection vulnerability in IBM Security Guardium 11.4 IBM Security Guardium 11.4 is vulnerable to SQL injection. | 5.4 |
2023-08-24 | CVE-2023-40371 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM AIX and Vios IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to access files outside of those allowed due to improper access controls. | 5.5 |
2023-08-22 | CVE-2023-38733 | Information Exposure Through Log Files vulnerability in IBM Robotic Process Automation IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 server could allow an authenticated user to view sensitive information from installation logs. | 4.3 |
2023-08-22 | CVE-2023-40370 | Unspecified vulnerability in IBM products IBM Robotic Process Automation 21.0.0 through 21.0.7.1 runtime is vulnerable to information disclosure of script content if the remote REST request computer policy is enabled. | 5.3 |
2023-08-22 | CVE-2023-38732 | Information Exposure Through Log Files vulnerability in IBM products IBM Robotic Process Automation 21.0.0 through 21.0.7 server could allow an authenticated user to view sensitive information from application logs. | 4.3 |
2023-08-16 | CVE-2023-35009 | Information Exposure Through an Error Message vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote attacker to obtain system information without authentication which could be used in reconnaissance to gather information that could be used for future attacks. | 5.3 |