Vulnerabilities > IBM > Security Guardium > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-20 | CVE-2017-1595 | Information Exposure vulnerability in IBM Security Guardium IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. | 5.5 |
| 2017-12-20 | CVE-2017-1266 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Security Guardium IBM Security Guardium 10.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. | 5.4 |
| 2017-12-20 | CVE-2017-1262 | HTTP Response Splitting vulnerability in IBM Security Guardium IBM Security Guardium 10.0 is vulnerable to HTTP response splitting attacks. | 6.1 |
| 2017-12-20 | CVE-2017-1257 | Information Exposure vulnerability in IBM Security Guardium IBM Security Guardium 10.0 discloses sensitive information to unauthorized users. | 4.3 |
| 2017-07-05 | CVE-2017-1258 | Improper Authentication vulnerability in IBM Security Guardium IBM Security Guardium 10.0 and 10.1 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. | 6.5 |
| 2017-07-05 | CVE-2017-1256 | Cross-site Scripting vulnerability in IBM Security Guardium 10.0/10.1 IBM Security Guardium 10.0, 10.1 is vulnerable to cross-site scripting. | 6.1 |
| 2016-10-22 | CVE-2016-0246 | Cross-site Scripting vulnerability in IBM Security Guardium Cross-site scripting (XSS) vulnerability in IBM Security Guardium 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 6.1 |
| 2016-10-22 | CVE-2016-0242 | Information Exposure vulnerability in IBM Security Guardium 10.0/10.01/10.1 IBM Security Guardium 10.x through 10.1 before p100 allows remote authenticated users to obtain sensitive information by reading an Application Error message. | 4.3 |
| 2016-06-29 | CVE-2016-0298 | Information Exposure vulnerability in IBM Security Guardium Directory traversal vulnerability in IBM Security Guardium Database Activity Monitor 10 before 10.0p100 allows remote authenticated users to read arbitrary files via a crafted URL. | 6.5 |