IBM Vulnerabilities

4716 results
CVE-2018-1588 (HIGH, EPSS 1.9%): IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6) is vulnerable to a XML External Enti
CVE-2018-1846 (HIGH, EPSS 1.9%): IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to a XML External Entity Injection (XXE) a
CVE-2018-1730 (HIGH, EPSS 1.9%): IBM QRadar SIEM 7.2 and 7.3 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could
CVE-2018-1669 (HIGH, EPSS 1.9%): IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 - 7.5.0.16, 7.5.1.0 - 7.5.1.15, 7.5.2.0 - 7.5.2.15, and 7.6.0.0 - 7.6.
CVE-2018-1844 (HIGH, EPSS 1.9%): IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote
CVE-2018-1835 (HIGH, EPSS 1.9%): IBM Daeja ViewONE Professional, Standard & Virtual 5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.
CVE-2017-1269 (EPSS 1.9%): IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which cou
CVE-2018-1721 (HIGH, EPSS 1.8%): IBM Cognos Analytics 11.0 and 11.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker
CVE-2019-4670 (MEDIUM, EPSS 1.8%): IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper dat
CVE-2020-5003 (MEDIUM, EPSS 1.8%): IBM Financial Transaction Manager 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote at
CVE-2017-1628 (EPSS 1.8%): IBM Business Process Manager 8.6.0.0 allows authenticated users to stop and resume the Event Manager by calling a REST API with incorrect au
CVE-2022-40609 (HIGH, EPSS 1.8%): IBM SDK, Java Technology Edition code execution
CVE-2018-1698 (MEDIUM, EPSS 1.8%): IBM Maximo Asset Management 7.6 through 7.6.3 could allow an unauthenticated attacker to obtain sensitive information from error messages. I
CVE-2020-4934 (MEDIUM, EPSS 1.8%): IBM Content Navigator 3.0.CD could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted
CVE-2019-4173 (MEDIUM, EPSS 1.8%): IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could allow a remote attacker to obtain sensitive information, caused by a
CVE-2022-22345 (MEDIUM, EPSS 1.8%): IBM QRadar 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in th
CVE-2020-4869 (MEDIUM, EPSS 1.8%): IBM MQ Appliance 9.2 CD and 9.2 LTS is vulnerable to a denial of service, caused by a buffer overflow. A remote attacker could send a specia
CVE-2018-1638 (MEDIUM, EPSS 1.8%): IBM API Connect 5.0.0.0-5.0.8.3 Developer Portal does not enforce Two Factor Authentication (TFA) while resetting a user password but enforc
CVE-2016-9977 (EPSS 1.8%): IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to hijack a user's session, caused by the failure to invalidate
CVE-2022-40752 (CRITICAL, EPSS 1.8%): IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements. IBM X-F