Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-08-17 CVE-2020-4992 Cross-Site Request Forgery (CSRF) vulnerability in IBM DataPower Gateway
IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.16 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
6.5
2021-08-13 CVE-2021-29880 Unspecified vulnerability in IBM QRadar Security Information and Event Manager 7.4.3
IBM QRadar SIEM 7.4.3 GA - 7.4.3 Fix Pack 1 when using domains or multi-tenancy could be vulnerable to information disclosure between tenants by routing SIEM data to the incorrect domain.
network
low complexity
ibm
6.5
2021-08-11 CVE-2021-20420 Unspecified vulnerability in IBM Security Guardium 11.2
IBM Security Guardium 11.2 could disclose sensitive information due to reliance on untrusted inputs that could aid in further attacks against the system.
network
low complexity
ibm
4.3
2021-08-10 CVE-2021-29739 Unchecked Return Value vulnerability in IBM Planning Analytics Local 2.0.0
IBM Planning Analytics Local 2.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser.
network
low complexity
ibm CWE-252
4.9
2021-08-09 CVE-2021-20349 Out-of-bounds Write vulnerability in IBM Tivoli Workload Scheduler 9.4/9.5
IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking.
local
low complexity
ibm CWE-787
5.3
2021-08-09 CVE-2021-29714 Improper Input Validation vulnerability in IBM Content Navigator 3.0.0
IBM Content Navigator 3.0.CD could allow a malicious user to cause a denial of service due to improper input validation.
network
low complexity
ibm CWE-20
6.5
2021-08-04 CVE-2020-4707 Cross-site Scripting vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 through 5.0.8.11 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-08-02 CVE-2021-20539 Unspecified vulnerability in IBM Cloud Pak for Security
IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests.
network
low complexity
ibm
5.3
2021-08-02 CVE-2021-20540 Unspecified vulnerability in IBM Cloud Pak for Security
IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests.
network
low complexity
ibm
5.3
2021-08-02 CVE-2021-20541 Unspecified vulnerability in IBM Cloud Pak for Security
IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests.
network
low complexity
ibm
5.3