Total
34059 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-4537 | 1 Ibm | 1 Websphere Service Registry And Repository | 2024-11-21 | 5.3 Medium |
| IBM WebSphere Service Registry and Repository 8.5 could allow a user to obtain sensitive version information that could be used in further attacks against the system. IBM X-Force ID: 165593. | ||||
| CVE-2019-4530 | 1 Ibm | 1 Maximo Asset Management | 2024-11-21 | 6.5 Medium |
| IBM Maximo Asset Management 7.6, 7.6.1, and 7.6.1.1 could allow an authenticated user to delete a record that they should not normally be able to. IBM X-Force ID: 165586. | ||||
| CVE-2019-4505 | 1 Ibm | 2 Websphere Application Server, Websphere Virtual Enterprise | 2024-11-21 | 5.3 Medium |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Network Deployment could allow a remote attacker to obtain sensitive information, caused by sending a specially-crafted URL. This can lead the attacker to view any file in a certain directory. IBM X-Force ID: 164364. | ||||
| CVE-2019-4478 | 1 Ibm | 1 Maximo Asset Management | 2024-11-21 | 6.5 Medium |
| IBM Maximo Asset Management 7.6.0, and 7.6.1 could allow an authenticated user to obtain highly sensitive information that they should not normally have access to. IBM X-Force ID: 163998. | ||||
| CVE-2019-4457 | 1 Ibm | 1 Jazz Foundation | 2024-11-21 | 6.5 Medium |
| IBM Jazz Foundation 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 could allow an authenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 163654. | ||||
| CVE-2019-4446 | 1 Ibm | 19 Control Desk, Maximo Asset Configuration Manager, Maximo Asset Health Insights and 16 more | 2024-11-21 | 5.4 Medium |
| IBM Maximo Asset Management 7.6 could allow an authenticated user perform actions they are not authorized to by modifying request parameters. IBM X-Force ID: 163490. | ||||
| CVE-2019-4425 | 1 Ibm | 2 Business Automation Workflow, Business Process Manager | 2024-11-21 | 5.7 Medium |
| IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could allow a user to obtain highly sensitive information from another user by inserting links that would be clicked on by unsuspecting users. IBM X-Force ID: 162771. | ||||
| CVE-2019-4422 | 1 Ibm | 1 Security Guardium | 2024-11-21 | 8.8 High |
| IBM Security Guardium 9.0, 9.5, and 10.6 are vulnerable to a privilege escalation which could allow an authenticated user to change the accessmgr password. IBM X-Force ID: 162768. | ||||
| CVE-2019-4415 | 1 Ibm | 1 Cloud Private | 2024-11-21 | 7.8 High |
| IBM Cloud Private 3.1.1 and 3.1.2 could allow a local user to obtain elevated privileges due to improper security context constraints. IBM X-Force ID: 162706. | ||||
| CVE-2019-4406 | 1 Ibm | 1 Spectrum Protect Backup-archive Client | 2024-11-21 | 4.4 Medium |
| IBM Spectrum Protect Backup-Archive Client 7.1 and 8.1 may be vulnerable to a denial of service attack due to a timing issue between client and server TCP/IP communications. IBM X-Force ID: 162477. | ||||
| CVE-2019-4402 | 1 Ibm | 1 Api Connect | 2024-11-21 | 7.5 High |
| IBM API Connect 2018.1 through 2018.4.1.6 developer portal could allow an unauthorized user to cause a denial of service via an unprotected API. IBM X-Force ID: 162263. | ||||
| CVE-2019-4395 | 1 Ibm | 1 Cloud Orchestrator | 2024-11-21 | 3.3 Low |
| IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 could allow a local user to obtain sensitive information from temporary script files. IBM X-Force ID: 162333. | ||||
| CVE-2019-4394 | 1 Ibm | 1 Cloud Orchestrator | 2024-11-21 | 2.3 Low |
| IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 contain APIs that could be used by a local user to send email. IBM X-Force ID: 162232. | ||||
| CVE-2019-4383 | 1 Ibm | 1 Spectrum Protect Plus | 2024-11-21 | 6.7 Medium |
| When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle or MongoDB databases, a redirected restore operation may result in an escalation of user privileges. IBM X-Force ID: 162165. | ||||
| CVE-2019-4378 | 1 Ibm | 1 Mq | 2024-11-21 | 6.5 Medium |
| IBM MQ 7.5.0.0 - 7.5.0.9, 7.1.0.0 - 7.1.0.9, 8.0.0.0 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 command server is vulnerable to a denial of service attack caused by an authenticated and authorized user using specially crafted PCF messages. IBM X-Force ID: 162084. | ||||
| CVE-2019-4366 | 1 Ibm | 1 Cognos Analytics | 2024-11-21 | 5.3 Medium |
| IBM Cognos Analytics 11.0 and 11.1 is susceptible to an information disclosure vulnerability where an attacker could gain access to cached browser data. IBM X-Force ID: 161748. | ||||
| CVE-2019-4357 | 1 Ibm | 1 Spectrum Protect Plus | 2024-11-21 | 6.7 Medium |
| When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle, DB2 or MongoDB databases, a redirected restore operation specifying a target path may allow execution of arbitrary code on the system. IBM X-Force ID: 161667, | ||||
| CVE-2019-4352 | 1 Ibm | 1 Maximo Anywhere | 2024-11-21 | 2.4 Low |
| IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code. IBM X-Force ID: 161494. | ||||
| CVE-2019-4351 | 1 Ibm | 1 Maximo Anywhere | 2024-11-21 | 4.6 Medium |
| IBM Maximo Anywhere 7.6.4.0 applications could disclose sensitive information to a user with physical access to the device. IBM X-Force ID: 161493. | ||||
| CVE-2019-4334 | 1 Ibm | 1 Cognos Analytics | 2024-11-21 | 4.3 Medium |
| IBM Cognos Analytics 11.0 and 11.1 could reveal sensitive information to an authenticated user that could be used in future attacks against the system. IBM X-Force ID: 161271. | ||||