Vulnerabilities > IBM > Websphere MQ > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-16 | CVE-2020-4310 | Unspecified vulnerability in IBM MQ and Websphere MQ IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are vulnerable to a denial of service attack due to an error within the Data Conversion logic. | 5.0 |
| 2020-03-16 | CVE-2019-4656 | Improper Input Validation vulnerability in IBM MQ, MQ Appliance and Websphere MQ IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD is vulnerable to a denial of service attack that would allow an authenticated user to crash the queue and require a restart due to an error processing error messages. | 4.0 |
| 2020-01-23 | CVE-2012-4863 | Resource Exhaustion vulnerability in IBM Websphere MQ 7.1.0.0/7.1.0.1/7.5.0.0 IBM WebSphere MQ 7.1 and 7.5: Queue manager has a DoS vulnerability | 4.0 |
| 2019-09-27 | CVE-2019-4141 | Memory Leak vulnerability in IBM Websphere MQ and Websphere MQ Appliance IBM MQ 7.1.0.0 - 7.1.0.9, 7.5.0.0 - 7.5.0.9, 8.0.0.0 - 8.0.0.11, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.1 - 9.1.2 is vulnerable to a denial of service attack caused by a memory leak in the clustering code. | 6.5 |
| 2019-08-05 | CVE-2019-4261 | Unspecified vulnerability in IBM MQ and Websphere MQ IBM WebSphere MQ V7.1, 7.5, IBM MQ V8, IBM MQ V9.0LTS, IBM MQ V9.1 LTS, and IBM MQ V9.1 CD are vulnerable to a denial of service attack caused by specially crafted messages. | 4.0 |
| 2019-05-23 | CVE-2019-4039 | Unspecified vulnerability in IBM Websphere MQ IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local attacker to cause a denial of service within the error log reporting system. | 5.5 |
| 2019-04-15 | CVE-2018-1925 | Inadequate Encryption Strength vulnerability in IBM Websphere MQ 9.1.0.0/9.1.0.1/9.1.1 IBM WebShere MQ 9.1.0.0, 9.1.0.1, 9.1.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 4.3 |
| 2019-03-11 | CVE-2018-1974 | Unspecified vulnerability in IBM Websphere MQ IBM WebSphere 8.0.0.0 through 9.1.1 could allow an authenticated attacker to escalate their privileges when using multiplexed channels. network ibm | 6.0 |
| 2018-11-09 | CVE-2018-1684 | Unspecified vulnerability in IBM Websphere MQ IBM WebSphere MQ 8.0 through 9.1 is vulnerable to a error with MQTT topic string publishing that can cause a denial of service attack. | 4.0 |
| 2018-08-06 | CVE-2018-1551 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Websphere MQ IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name. | 6.0 |