Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-07-12 CVE-2021-29805 Cross-site Scripting vulnerability in IBM Tivoli Netcool/Omnibus GUI 8.1.0
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-07-12 CVE-2021-29822 Cross-site Scripting vulnerability in IBM Tivoli Netcool/Omnibus GUI 8.1.0
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-07-09 CVE-2021-29712 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1
2021-07-08 CVE-2021-29711 Unspecified vulnerability in IBM Urbancode Deploy
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 6.2.7.8 , 6.2.7.9, 7.0.3.0, 7.0.4.0, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2 could allow an authenticated user with certain permissions to initiate an agent upgrade through the CLI interface.
network
low complexity
ibm
4.3
4.3
2021-07-07 CVE-2021-20416 Incorrect Permission Assignment for Critical Resource vulnerability in IBM Guardium Data Encryption 3.0.0.3/4.0.0.4
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag.
network
low complexity
ibm CWE-732
5.3
5.3
2021-07-07 CVE-2021-20417 Information Exposure Through an Error Message vulnerability in IBM Guardium Data Encryption 4.0.0.4
IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
4.3
4.3
2021-07-01 CVE-2020-4935 Cross-site Scripting vulnerability in IBM Datacap Navigator 9.1.7
IBM Datacap Fastdoc Capture (IBM Datacap Navigator 9.1.7 ) is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-06-30 CVE-2021-20461 Exposure of Resource to Wrong Sphere vulnerability in multiple products
IBM Cognos Analytics 10.0 and 11.1 is susceptible to a weakness in the implementation of the System Appearance configuration setting.
network
low complexity
ibm netapp CWE-668
6.5
6.5
2021-06-29 CVE-2021-20477 Cross-site Scripting vulnerability in IBM Planning Analytics 2.0
IBM Planning Analytics 2.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-06-29 CVE-2021-20490 Incorrect Default Permissions vulnerability in IBM Spectrum Protect Plus
IBM Spectrum Protect Plus 10.1.0 through 10.1.8 could allow a local user to cause a denial of service due to insecure file permission settings.
local
low complexity
ibm CWE-276
5.5
5.5