Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-09-23 CVE-2021-20377 Information Exposure Through an Error Message vulnerability in IBM Security Guardium 11.3
IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
4.0
2021-09-23 CVE-2021-20485 Information Exposure Through an Error Message vulnerability in IBM Sterling File Gateway
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
4.0
2021-09-23 CVE-2021-20563 Information Exposure vulnerability in IBM Sterling File Gateway
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote authenticated user to obtain sensitive information.
network
low complexity
ibm CWE-200
4.0
2021-09-23 CVE-2021-38864 Improper Certificate Validation vulnerability in IBM Security Verify Bridge
IBM Security Verify Bridge 1.0.5.0 could allow a user to obtain sensitive information due to improper certificate validation.
network
low complexity
ibm CWE-295
5.0
2021-09-21 CVE-2021-29795 Injection vulnerability in IBM Powervm Hypervisor
IBM PowerVM Hypervisor FW860, FW930, FW940, and FW950 could allow a local user to create a specially crafted sequence of hypervisor calls from a partition that could crash the system.
local
low complexity
ibm CWE-74
4.9
2021-09-21 CVE-2021-29831 XXE vulnerability in IBM products
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
5.5
2021-09-20 CVE-2021-29811 Insufficiently Protected Credentials vulnerability in IBM Tivoli Netcool/Omnibus Webgui 8.1.0
IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 store user credentials in clear text, which can be read by an authenticated admin user.
network
low complexity
ibm CWE-522
4.0
2021-09-20 CVE-2021-29856 Unspecified vulnerability in IBM Tivoli Netcool/Omnibus Webgui 8.1.0
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 could allow an authenticated user to cause a denial of service through the WebGUI Map Creation page.
network
low complexity
ibm
4.0
2021-09-16 CVE-2021-29752 Unspecified vulnerability in IBM DB2 11.2/11.5
IBM Db2 11.2 and 11.5 contain an information disclosure vulnerability, exposing remote storage credentials to privileged users under specific conditions.
network
high complexity
ibm
4.4
2021-09-16 CVE-2021-29825 Information Exposure vulnerability in IBM DB2 11.1/11.5
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could disclose sensitive information when using ADMIN_CMD with LOAD or BACKUP.
network
low complexity
ibm CWE-200
5.0