Vulnerabilidades em IBM
4.716 resultadosCVE-2020-4467HIGHIBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruptionEPSS 2.8%CVE-2019-4513HIGHIBM Security Access Manager for Enterprise Single Sign-On 8.2.2 is vulnerable to an XML External Entity Injection (XXE) attack when processiEPSS 2.8%CVE-2020-4633MEDIUMIBM Resilient SOAR V38.0 could allow a remote attacker to execute arbitrary code on the system, caused by formula injection due to improper EPSS 2.7%CVE-2019-4269MEDIUMIBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console could allow a remote attacker to obtain sensitive information when a sEPSS 2.7%CVE-2018-1884MEDIUMIBM Case Manager 5.2.0.0, 5.2.0.4, 5.2.1.0, 5.2.1.7, 5.3.0.0, and 5.3.3.0 is vulnerable to a "zip slip" vulnerability which could allow a reEPSS 2.7%CVE-2020-4520HIGHIBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to inject malicious HTML code that when viewed by the authenticated victim EPSS 2.7%CVE-2018-1383—A software logic bug creates a vulnerability in an AIX 6.1, 7.1, and 7.2 daemon which could allow a user with root privileges on one system,EPSS 2.7%CVE-2021-20557HIGHIBM Security Guardium 11.2 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crEPSS 2.7%CVE-2017-1383—IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML dataEPSS 2.7%CVE-2017-1671—IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remote attacker to traverse directories on the system. An attacker could seEPSS 2.7%CVE-2020-4493CRITICALIBM Maximo Asset Management 7.6.0 and 7.6.1 could allow an attacker to bypass authentication and issue commands using a specially crafted HTEPSS 2.7%CVE-2019-4423MEDIUMIBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 could allow a remote attacker to traverse directories on the system. An attacker could senEPSS 2.7%CVE-2019-4268MEDIUMIBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker couEPSS 2.7%CVE-2020-4471MEDIUMIBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an unauthenticated attacker to cause a denial of service or hijack DNS sessions EPSS 2.7%CVE-2017-1696—IBM QRadar 7.2 and 7.3 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-craftEPSS 2.7%CVE-2020-4495HIGHIBM Jazz Foundation and IBM Engineering products could allow a remote attacker to bypass security restrictions, caused by improper access coEPSS 2.6%CVE-2017-1376—A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges. IBM X-Force ID: 126EPSS 2.6%CVE-2019-4155HIGHIBM API Connect's Developer Portal 2018.1 and 2018.4.1.3 is impacted by a privilege escalation vulnerability when integrated with an OpenID EPSS 2.6%CVE-2019-4261MEDIUMIBM WebSphere MQ V7.1, 7.5, IBM MQ V8, IBM MQ V9.0LTS, IBM MQ V9.1 LTS, and IBM MQ V9.1 CD are vulnerable to a denial of service attack causEPSS 2.6%CVE-2019-4364MEDIUMIBM Maximo Asset Management 7.6 is vulnerable to CSV injection, which could allow a remote authenticated attacker to execute arbirary commanEPSS 2.6%