Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-28 | CVE-2021-20494 | Out-of-bounds Write vulnerability in IBM Security Identity Manager Adapter 6.0.0.0/7.0.0.0 IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a heap based buffer overflow, caused by improper bounds. | 4.0 |
| 2021-06-28 | CVE-2021-20572 | Out-of-bounds Write vulnerability in IBM Security Identity Manager Adapter 6.0.0.0/7.0.0.0 IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. | 4.0 |
| 2021-06-28 | CVE-2021-20573 | Out-of-bounds Write vulnerability in IBM Security Identity Manager Adapter 6.0.0.0/7.0.0.0 IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. | 4.0 |
| 2021-06-28 | CVE-2021-20574 | Injection vulnerability in IBM Security Identity Manager Adapter 6.0.0.0/7.0.0.0 IBM Security Identity Manager Adapters 6.0 and 7.0 could allow a remote authenticated attacker to conduct an LDAP injection. | 6.5 |
| 2021-06-28 | CVE-2021-29775 | Cross-site Scripting vulnerability in IBM products IBM Business Automation Workflow 19.0.03 and 20.0 and IBM Cloud Pak for Automation 20.0.3-IF002 and 21.0.1 are vulnerable to cross-site scripting. | 4.3 |
| 2021-06-25 | CVE-2020-4609 | Classic Buffer Overflow vulnerability in IBM Security Verify Privilege Manager IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2) is vulnerable to a buffer overflow, caused by improper bounds checking. | 4.6 |
| 2021-06-25 | CVE-2020-4610 | Improper Validation of Integrity Check Value vulnerability in IBM Security Verify Privilege Manager IBM Security Secret Server (IBM Security Verify Privilege Manager 10.8.2 ) could allow a local user to execute code due to improper integrity checks. | 4.6 |
| 2021-06-25 | CVE-2021-20583 | Improper Input Validation vulnerability in IBM Security Verify IBM Security Verify (IBM Security Verify Privilege Vault 10.9.66) could disclose sensitive information through an HTTP GET request by a privileged user due to improper input validation.. | 4.0 |
| 2021-06-25 | CVE-2021-29676 | Injection vulnerability in IBM Security Verify IBM Security Verify (IBM Security Verify Privilege Vault 10.9.66) is vulnerable to link injection. | 5.8 |
| 2021-06-24 | CVE-2020-4945 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM DB2 11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to overwrite arbirary files due to improper group permissions. | 5.5 |