Vulnerabilities > IBM > Security Guardium > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-03 | CVE-2020-4190 | Use of Hard-coded Credentials vulnerability in IBM Security Guardium 10.6/11.0/11.1 IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 6.7 |
| 2020-06-03 | CVE-2020-4187 | Unspecified vulnerability in IBM Security Guardium 11.1 IBM Security Guardium 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. | 5.3 |
| 2020-06-03 | CVE-2020-4182 | Cross-site Scripting vulnerability in IBM Security Guardium 11.1 IBM Security Guardium 11.1 is vulnerable to cross-site scripting. | 6.1 |
| 2018-12-17 | CVE-2018-1891 | Cross-site Scripting vulnerability in IBM Security Guardium IBM Security Guardium 10 and 10.5 is vulnerable to cross-site scripting. | 5.4 |
| 2018-12-17 | CVE-2018-1889 | Cross-site Scripting vulnerability in IBM Security Guardium IBM Security Guardium 10.0 and 10.5 is vulnerable to cross-site scripting. | 5.4 |
| 2018-12-17 | CVE-2017-1272 | Information Exposure vulnerability in IBM Security Guardium IBM Security Guardium 10.0 and 10.5 stores sensitive information in URL parameters. | 5.3 |
| 2018-12-17 | CVE-2017-1265 | Improper Certificate Validation vulnerability in IBM Security Guardium IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 does not validate, or incorrectly validates, a certificate. | 5.9 |
| 2018-12-13 | CVE-2018-1817 | Cross-site Scripting vulnerability in IBM Security Guardium IBM Security Guardium 10 and 10.5 is vulnerable to cross-site scripting. | 6.1 |
| 2017-12-20 | CVE-2017-1600 | Cross-site Scripting vulnerability in IBM Security Guardium IBM Security Guardium 10.0 Database Activity Monitor is vulnerable to cross-site scripting. | 5.4 |
| 2017-12-20 | CVE-2017-1596 | Information Exposure vulnerability in IBM Security Guardium IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. | 5.5 |