Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-07 | CVE-2022-34308 | Allocation of Resources Without Limits or Throttling vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 could allow a local user to cause a denial of service due to improper load handling. | 5.5 |
| 2022-10-07 | CVE-2022-36772 | Unspecified vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that should only be available to a privileged user. | 6.5 |
| 2022-10-07 | CVE-2022-41291 | Insufficient Session Expiration vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. | 6.5 |
| 2022-10-06 | CVE-2022-36774 | Unspecified vulnerability in IBM products IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to man in the middle attacks through manipulation of the client proxy configuration. high complexity ibm | 5.3 |
| 2022-10-06 | CVE-2022-38709 | Cross-site Scripting vulnerability in IBM Robotic Process Automation for Cloud PAK IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 for Cloud Pak is vulnerable to cross-site scripting. | 6.1 |
| 2022-10-06 | CVE-2022-41294 | Origin Validation Error vulnerability in IBM Robotic Process Automation IBM Robotic Process Automation 21.0.0, 21.0.1, 21.0.2, 21.0.3, and 21.0.4 is vulnerable to cross origin resource sharing using the bot api. | 6.5 |
| 2022-10-06 | CVE-2022-22503 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM products IBM Robotic Process Automation 21.0.0 could allow a remote attacker to hijack the clicking action of the victim. | 6.1 |
| 2022-09-29 | CVE-2011-4820 | Unspecified vulnerability in IBM Rational Asset Manager 7.5 IBM Rational Asset Manager 7.5 could allow a remote attacker to bypass security restrictions. | 4.3 |
| 2022-09-29 | CVE-2012-2160 | Cross-site Scripting vulnerability in IBM Rational Change 5.3 IBM Rational Change 5.3 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. | 6.1 |
| 2022-09-29 | CVE-2012-4818 | Unspecified vulnerability in IBM Infosphere Information Server 8.1/8.5/8.7 IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remote authenticated attacker to obtain sensitive information, caused by improper restrictions on directories. | 6.5 |