Vulnerabilidades en IBM
4716 resultadosCVE-2019-4384MEDIUMIBM Campaign 9.1.2 and 10.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted EPSS 2.3%CVE-2018-1663MEDIUMIBM DataPower Gateways 7.5, 7.5.1, 7.5.2, 7.6, and 2018.4 could allow a remote attacker to obtain sensitive information, caused by the failuEPSS 2.3%CVE-2017-1476MEDIUMIBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 could allow a remote attacker to obtain sensitEPSS 2.3%CVE-2018-1990MEDIUMIBM Cloud App Management V2018.2.0, V2018.4.0, and V2018.4.1 could allow an attacker to obtain sensitive configuration information using a sEPSS 2.3%CVE-2017-1253—IBM Security Guardium 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-cEPSS 2.3%CVE-2021-39031HIGHIBM WebSphere Application Server - Liberty 17.0.0.3 through 22.0.0.1 could allow a remote authenticated attacker to conduct an LDAP injectioEPSS 2.3%CVE-2021-29695MEDIUMIBM Host firmware for LC-class Systems could allow a remote attacker to traverse directories on the system. An attacker could send a specialEPSS 2.3%CVE-2019-4008CRITICALAPI Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. Authorization tokens in some URLs can result in the tokens being wrEPSS 2.3%CVE-2017-1235—IBM WebSphere MQ 8.0 could allow an authenticated user to cause a premature termination of a client application thread which could potentialEPSS 2.3%CVE-2020-5016MEDIUMIBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. When applicatioEPSS 2.3%CVE-2018-1850HIGHIBM Security Access Manager Appliance 9.0.3.1, 9.0.4.0 and 9.0.5.0 could allow unauthorized administration operations when Advanced Access CEPSS 2.2%CVE-2018-1695HIGHIBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations using Form Login could allow a remote attacker to conduct spoofing attackEPSS 2.2%CVE-2018-1372—IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not require that users should have strong passwords by default, which makes itEPSS 2.2%CVE-2020-4579HIGHIBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially craftEPSS 2.2%CVE-2018-1475—IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentEPSS 2.2%CVE-2018-1417HIGHUnder certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a securEPSS 2.2%CVE-2016-8964—IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentialsEPSS 2.2%CVE-2020-4494HIGHIBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space ManEPSS 2.2%CVE-2019-4520HIGHIBM Security Directory Server 6.4.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account creEPSS 2.2%CVE-2018-1546MEDIUMIBM API Connect information disclosureEPSS 2.2%