Vulnerabilities in IBM
4,716 resultsCVE-2019-4715HIGHIBM Spectrum Scale 4.2 and 5.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specialEPSS 4.0%CVE-2020-4449HIGHIBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to obtain sensitive information with a speEPSS 3.9%CVE-2018-1745HIGHIBM Security Key Lifecycle Manager 2.7 and 3.0 could allow an unauthenticated user to restart the SKLM server due to missing authentication.EPSS 3.9%CVE-2018-1851HIGHIBM WebSphere Application Server Liberty OpenID Connect could allow a remote attacker to execute arbitrary code on the system, caused by impEPSS 3.9%CVE-2019-4433HIGHIBM InfoSphere Global Name Management 5.0 and 6.0 and IBM InfoSphere Identity Insight 8.1 and 9.0 is vulnerable to an XML External Entity InEPSS 3.9%CVE-2019-4292HIGHIBM Security Guardium 10.5 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary codeEPSS 3.7%CVE-2018-1640HIGHIBM Security Privileged Identity Manager Virtual Appliance 2.2.1 could allow a remote authenticated attacker to execute arbitrary commands oEPSS 3.7%CVE-2018-1904HIGHIBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute arbitrary Java code through an administrativEPSS 3.7%CVE-2021-20354MEDIUMIBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories. An attacker could send a speciallyEPSS 3.7%CVE-2019-4561HIGHIBM Security Identity Manager 6.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of EPSS 3.5%CVE-2019-4183MEDIUMIBM Cognos Analytics 11.0, and 11.1 is vulnerable to a denial of service attack that could allow a remote user to send specially crafted reqEPSS 3.5%CVE-2017-1710—A vulnerability in the Service Assistant GUI in IBM Storwize V7000 (2076) 8.1 could allow a remote attacker to perform a privilege escalatioEPSS 3.5%CVE-2018-1755MEDIUMIBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by incorrect transport being EPSS 3.5%CVE-2018-1770MEDIUMIBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker couEPSS 3.5%CVE-2018-1778HIGHIBM LoopBack (IBM API Connect 2018.1, 2018.4.1, 5.0.8.0, and 5.0.8.4) could allow an attacker to bypass authentication if the AccessToken MoEPSS 3.4%CVE-2018-1822CRITICALIBM FlashSystem 900 product GUI allows a specially crafted attack to bypass the authentication requirements of the system, resulting in the EPSS 3.4%CVE-2020-4432HIGHCertain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate EPSS 3.4%CVE-2017-1407—IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 could allow a remote authenticated attacker to execute arbitrary commands on theEPSS 3.4%CVE-2018-1618HIGHIBM Security Privileged Identity Manager Virtual Appliance 2.2.1 could allow a remote attacker to traverse directories on the system. An attEPSS 3.4%CVE-2019-4252MEDIUMIBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. An EPSS 3.4%