Total
32127 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-4241 | 1 Ibm | 1 Pureapplication System | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| IBM PureApplication System 2.2.3.0 through 2.2.5.3 could allow an authenticated user with local access to bypass authentication and obtain administrative access. IBM X-Force ID: 159467. | |||||
| CVE-2019-4234 | 1 Ibm | 1 Pureapplication System | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM PureApplication System 2.2.3.0 through 2.2.5.3 weakness in the implementation of locking feature in pattern editor. An attacker by intercepting the subsequent requests can bypass business logic to modify the pattern to unlocked state. IBM X-Force ID: 159416. | |||||
| CVE-2019-4210 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| IBM QRadar SIEM 7.3.2 could allow a user to bypass authentication exposing certain functionality which could lead to information disclosure or modification of application configuration. IBM X-Force ID: 158986. | |||||
| CVE-2019-4207 | 1 Ibm | 1 Tririga Application Platform | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 may disclose sensitive information only available to a local user that could be used in further attacks against the system. IBM X-Force ID: 159148. | |||||
| CVE-2019-4194 | 1 Ibm | 1 Jazz For Service Management | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 is missing function level access control that could allow a user to delete authorized resources. IBM X-Force ID: 159033. | |||||
| CVE-2019-4185 | 1 Ibm | 2 Infosphere Information Server, Infosphere Information Server On Cloud | 2024-11-21 | 5.4 MEDIUM | 8.3 HIGH |
| IBM InfoSphere Information Server 11.7.1 containers are vulnerable to privilege escalation due to an insecurely configured component. IBM X-Force ID: 158975. | |||||
| CVE-2019-4176 | 1 Ibm | 1 Cognos Controller | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could allow a remote attacker to bypass security restrictions, caused by an error related to insecure HTTP Methods. An attacker could exploit this vulnerability to gain access to the system. IBM X-Force ID: 158881. | |||||
| CVE-2019-4165 | 1 Ibm | 1 Storediq | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow a remote attacker to cause a denial of service attack using repeated requests to the server. IBM X-Force ID: 158698. | |||||
| CVE-2019-4163 | 1 Ibm | 1 Storediq | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow an authenticated user to obtain sensitive information that a privileged user should only be allowed to view. IBM X-Force ID: 158696. | |||||
| CVE-2019-4161 | 1 Ibm | 1 Security Information Queue | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 158660. | |||||
| CVE-2019-4155 | 1 Ibm | 1 Api Connect | 2024-11-21 | 7.5 HIGH | 8.8 HIGH |
| IBM API Connect's Developer Portal 2018.1 and 2018.4.1.3 is impacted by a privilege escalation vulnerability when integrated with an OpenID Connect (OIDC) user registry. IBM X-Force ID: 158544. | |||||
| CVE-2019-4146 | 1 Ibm | 1 Sterling B2b Integrator | 2024-11-21 | 3.5 LOW | 3.1 LOW |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could allow an authenticated user to obtain sensitive document information under unusual circumstances. IBM X-Force ID: 158401. | |||||
| CVE-2019-4145 | 1 Ibm | 1 Security Access Manager | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| IBM Security Access Manager 9.0.1 through 9.0.6 could reveal highly sensitive in specialized conditions to a local user which could be used in further attacks against the system. IBM X-Force ID: 158400. | |||||
| CVE-2019-4135 | 1 Ibm | 1 Security Access Manager | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| IBM Security Access Manager 9.0.1 through 9.0.6 is affected by a security vulnerability that could allow authenticated users to impersonate other users. IBM X-Force ID: 158331. | |||||
| CVE-2019-4133 | 1 Ibm | 1 Cloud Automation Manager | 2024-11-21 | 3.6 LOW | 5.2 MEDIUM |
| IBM Cloud Automation Manager 3.1.2 could allow a malicious user on the client side (with access to client computer) to run a custom script. IBM X-Force ID: 158278. | |||||
| CVE-2019-4132 | 1 Ibm | 1 Cloud Automation Manager | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM Cloud Automation Manager 3.1.2 could allow a user to be impropertly redirected and obtain sensitive information rather than receive a 404 error message. IBM X-Force ID: 158274. | |||||
| CVE-2019-4131 | 1 Ibm | 1 Cloud Application Performance Management | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Application Performance Management (IBM Monitoring 8.1.4) could allow a remote attacker to induce the application to perform server-side DNS lookups of arbitrary domain names. IBM X-Force ID: 158270. | |||||
| CVE-2019-4119 | 1 Ibm | 1 Cloud Private | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Cloud Private Kubernetes API server 2.1.0, 3.1.0, 3.1.1, and 3.1.2 can be used as an HTTP proxy to not only cluster internal but also external target IP addresses. IBM X-Force ID: 158145. | |||||
| CVE-2019-4118 | 1 Ibm | 1 Multicloud Manager | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| IBM Multicloud Manager 3.1.0, 3.1.1, and 3.1.2 ibm-mcm-chart could allow a local attacker with admin privileges to obtain highly sensitive information upon deployment. IBM X-Force ID: 158144. | |||||
| CVE-2019-4116 | 1 Ibm | 1 Cloud Private | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| IBM Cloud Private 2.1.0, 3.1.0, and 3.1.1 could disclose highly sensitive information in installer logs that could be use for further attacks against the system. IBM X-Force ID: 158115. | |||||