Vulnerabilities > IBM > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-21 | CVE-2022-22435 | Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6.1.2 IBM Maximo Asset Management 7.6.1.2 is vulnerable to cross-site scripting. | 5.4 |
2022-04-21 | CVE-2022-22436 | Cross-site Scripting vulnerability in IBM Maximo Asset Management 7.6.1.2 IBM Maximo Asset Management 7.6.1.2 is vulnerable to cross-site scripting. | 5.4 |
2022-04-19 | CVE-2021-39033 | Information Exposure Through an Error Message vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 6.5 |
2022-04-19 | CVE-2021-39072 | Unspecified vulnerability in IBM Security Guardium 11.3 IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
2022-04-19 | CVE-2021-39078 | Cleartext Storage of Sensitive Information vulnerability in IBM Security Guardium 10.5 IBM Security Guardium 10.5 stores user credentials in plain clear text which can be read by a local privileged user. | 4.4 |
2022-04-14 | CVE-2022-22391 | Unspecified vulnerability in IBM products IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain information from non sensitive operating system files that they should not have access to. | 4.3 |
2022-04-11 | CVE-2021-39068 | Cross-site Scripting vulnerability in IBM Curam Social Program Management 7.0.11.0/8.0.1 IBM Curam Social Program Management 8.0.1 and 7.0.11 is vulnerable to cross-site scripting. | 5.4 |
2022-04-05 | CVE-2022-22355 | Unspecified vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance 9.2 CD and 9.2 LTS are vulnerable to a denial of service in the Login component of the application which could allow an attacker to cause a drop in performance. | 5.3 |
2022-04-05 | CVE-2022-22356 | Information Exposure Through Discrepancy vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an attacker to enumerate account credentials due to an observable discrepancy in valid and invalid login attempts. | 6.5 |
2022-04-01 | CVE-2022-22328 | Unspecified vulnerability in IBM Partner Engagement Manager 6.2.0 IBM SterlingPartner Engagement Manager 6.2.0 could allow a malicious user to elevate their privileges and perform unintended operations to another users data. | 6.2 |