Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-10 | CVE-2021-29739 | Unchecked Return Value vulnerability in IBM Planning Analytics Local 2.0.0 IBM Planning Analytics Local 2.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. | 4.0 |
| 2021-08-09 | CVE-2021-20349 | Out-of-bounds Write vulnerability in IBM Tivoli Workload Scheduler 9.4/9.5 IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. | 4.6 |
| 2021-08-09 | CVE-2021-29714 | Improper Input Validation vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0.CD could allow a malicious user to cause a denial of service due to improper input validation. | 4.0 |
| 2021-08-04 | CVE-2021-29765 | Unspecified vulnerability in IBM Powervm Fw940/Fw950 IBM PowerVM Hypervisor FW940 and FW950 could allow an attacker to obtain sensitive information if they gain service access to the FSP. | 5.0 |
| 2021-08-02 | CVE-2021-20539 | Unspecified vulnerability in IBM Cloud PAK for Security IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. | 5.0 |
| 2021-08-02 | CVE-2021-20540 | Unspecified vulnerability in IBM Cloud PAK for Security IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. | 5.0 |
| 2021-08-02 | CVE-2021-20541 | Unspecified vulnerability in IBM Cloud PAK for Security IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. | 5.0 |
| 2021-08-02 | CVE-2021-29697 | Unspecified vulnerability in IBM Cloud PAK for Security IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could allow a remote authenticated attacker to obtain sensitive information through HTTP requests that could be used in further attacks against the system. | 4.0 |
| 2021-08-02 | CVE-2021-29757 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Qradar User Behavior Analytics 4.1.1 IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.8 |
| 2021-07-30 | CVE-2021-29736 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote user to gain elevated privileges on the system. | 6.5 |