Vulnerabilities > IBM > Security Guardium > 10.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-03 | CVE-2021-39077 | Cleartext Storage of Sensitive Information vulnerability in IBM Security Guardium IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in plain clear text which can be read by a local privileged user. | 4.4 |
| 2022-04-19 | CVE-2021-39076 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Guardium 10.5/11.3 IBM Security Guardium 10.5 and 11.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. | 7.5 |
| 2022-04-19 | CVE-2021-39078 | Cleartext Storage of Sensitive Information vulnerability in IBM Security Guardium 10.5 IBM Security Guardium 10.5 stores user credentials in plain clear text which can be read by a local privileged user. | 4.4 |
| 2021-11-08 | CVE-2021-29735 | Cross-site Scripting vulnerability in IBM Security Guardium IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, and 11.3 is vulnerable to cross-site scripting. | 5.4 |
| 2020-08-26 | CVE-2018-1501 | Missing Authentication for Critical Function vulnerability in IBM Security Guardium 10.5/10.6/11.0 IBM Security Guardium 10.5, 10.6, and 11.0 could allow an unauthorized user to obtain sensitive information due to missing security controls. | 7.5 |
| 2020-07-30 | CVE-2020-4186 | Information Exposure vulnerability in IBM Security Guardium 10.5/10.6/11.1 IBM Security Guardium 10.5, 10.6, and 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. | 5.3 |
| 2020-07-30 | CVE-2020-4185 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Guardium 10.5/10.6/11.1 IBM Security Guardium 10.5, 10.6, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2019-07-02 | CVE-2019-4292 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Guardium 10.5 IBM Security Guardium 10.5 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable web server. | 8.8 |
| 2018-12-17 | CVE-2018-1891 | Cross-site Scripting vulnerability in IBM Security Guardium IBM Security Guardium 10 and 10.5 is vulnerable to cross-site scripting. | 5.4 |
| 2018-12-17 | CVE-2018-1889 | Cross-site Scripting vulnerability in IBM Security Guardium IBM Security Guardium 10.0 and 10.5 is vulnerable to cross-site scripting. | 5.4 |