Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-14 | CVE-2022-34329 | Unspecified vulnerability in IBM Cics TX 11.7 IBM CICS TX 11.7 could allow an attacker to obtain sensitive information from HTTP response headers. | 5.3 |
| 2022-11-14 | CVE-2022-38705 | Unspecified vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 Standard and Advanced could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. | 6.1 |
| 2022-11-14 | CVE-2022-35719 | Information Exposure Through Log Files vulnerability in IBM MQ Internet Pass-Thru 2.1/9.2 IBM MQ Internet Pass-Thru 2.1, 9.2 LTS and 9.2 CD stores potentially sensitive information in trace files that could be read by a local user. | 5.5 |
| 2022-11-11 | CVE-2022-31772 | Improper Input Validation vulnerability in IBM MQ IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service to the MQTT channels. | 6.5 |
| 2022-11-11 | CVE-2022-36776 | Cross-site Scripting vulnerability in IBM Cloud PAK for Security 1.10.0.0/1.10.2.0 IBM Cloud Pak for Security (CP4S) 1.10.0.0 79and 1.10.2.0 is vulnerable to cross-site scripting. | 5.4 |
| 2022-11-11 | CVE-2022-40750 | Cross-site Scripting vulnerability in IBM Websphere Application Server 8.5/9.0 IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. | 5.4 |
| 2022-11-03 | CVE-2021-39077 | Cleartext Storage of Sensitive Information vulnerability in IBM Security Guardium IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in plain clear text which can be read by a local privileged user. | 4.4 |
| 2022-11-03 | CVE-2022-22442 | Unspecified vulnerability in IBM products "IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information restricted to users with elevated privileges due to improper access controls. | 6.5 |
| 2022-11-03 | CVE-2022-30615 | Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7 "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. | 5.4 |
| 2022-11-03 | CVE-2022-34339 | Cleartext Storage of Sensitive Information vulnerability in IBM Cognos Analytics "IBM Cognos Analytics 11.2.1, 11.2.0, 11.1.7 stores user credentials in plain clear text which can be read by an authenticated user. | 6.5 |