Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-13 | CVE-2022-22325 | Unspecified vulnerability in IBM MQ for HPE Nonstop 8.1.0 IBM MQ (IBM MQ for HPE NonStop 8.1.0) can inadvertently disclose sensitive information under certain circumstances to a local user from a stack trace. | 5.5 |
| 2022-05-13 | CVE-2022-22393 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 , with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. | 6.5 |
| 2022-05-11 | CVE-2021-39059 | Cross-site Scripting vulnerability in IBM Jazz Foundation IBM Jazz Foundation (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) is vulnerable to cross-site scripting. | 5.4 |
| 2022-05-11 | CVE-2022-22320 | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager 7.3.3/7.4.3 IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. | 4.8 |
| 2022-05-10 | CVE-2021-39024 | Cross-site Scripting vulnerability in IBM Guardium Data Encryption 4.0.0.0/5.0.0.0/5.0.0.3 IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 is vulnerable to cross-site scripting. | 6.1 |
| 2022-05-09 | CVE-2022-22319 | Unspecified vulnerability in IBM products IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically delete a queue that could cause disruption for any scripts dependent on the queue. | 5.4 |
| 2022-05-09 | CVE-2022-22481 | Unspecified vulnerability in IBM I 7.2/7.3/7.4 IBM Navigator for i 7.2, 7.3, and 7.4 (heritage version) could allow a remote attacker to obtain access to the web interface without valid credentials. | 5.3 |
| 2022-05-06 | CVE-2021-39027 | Improper Encoding or Escaping of Output vulnerability in IBM Guardium Data Encryption 4.0.0.0/5.0.0.0 IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. | 5.0 |
| 2022-05-05 | CVE-2021-39020 | Information Exposure vulnerability in IBM Guardium Data Encryption IBM Guardium Data Encryption (GDE) 4.0.0.7 and lower stores sensitive information in URL parameters. | 5.3 |
| 2022-05-05 | CVE-2022-22415 | Unspecified vulnerability in IBM Robotic Process Automation 21.0.1 A vulnerability exists where an IBM Robotic Process Automation 21.0.1 regular user is able to obtain view-only access to some admin pages in the Control Center IBM X-Force ID: 223029. | 6.5 |