Filtered by vendor Ibm
Subscriptions
Filtered by product Security Guardium
Subscriptions
Total
103 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-1261 | 1 Ibm | 1 Security Guardium | 2024-09-16 | N/A |
| IBM Security Guardium 10.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 124736. | ||||
| CVE-2017-1262 | 1 Ibm | 1 Security Guardium | 2024-09-16 | N/A |
| IBM Security Guardium 10.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning, cross-site scripting, and possibly obtain sensitive information. IBM X-Force ID: 124737. | ||||
| CVE-2017-1596 | 1 Ibm | 1 Security Guardium | 2024-09-16 | N/A |
| IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132550. | ||||
| CVE-2020-4679 | 1 Ibm | 1 Security Guardium | 2024-09-16 | 4.8 Medium |
| IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186424. | ||||
| CVE-2020-4185 | 1 Ibm | 1 Security Guardium | 2024-09-16 | 7.5 High |
| IBM Security Guardium 10.5, 10.6, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174803. | ||||
| CVE-2021-29735 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2024-09-16 | 5.4 Medium |
| IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, and 11.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2017-1258 | 1 Ibm | 1 Security Guardium | 2024-09-16 | N/A |
| IBM Security Guardium 10.0 and 10.1 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM X-Force ID: 124685 | ||||
| CVE-2020-4690 | 1 Ibm | 1 Security Guardium | 2024-09-16 | 9.8 Critical |
| IBM Security Guardium 11.3 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 186697. | ||||
| CVE-2021-20428 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2024-09-16 | 5.3 Medium |
| IBM Security Guardium 11.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196315. | ||||
| CVE-2021-20377 | 1 Ibm | 1 Security Guardium | 2024-09-16 | 2.7 Low |
| IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 195569. | ||||
| CVE-2021-20386 | 1 Ibm | 1 Security Guardium | 2024-09-16 | 6.1 Medium |
| IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195767. | ||||
| CVE-2017-1257 | 1 Ibm | 1 Security Guardium | 2024-09-16 | N/A |
| IBM Security Guardium 10.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 124684. | ||||
| CVE-2018-1498 | 1 Ibm | 1 Security Guardium | 2024-09-16 | N/A |
| IBM Security Guardium EcoSystem 10.5 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 141223. | ||||
| CVE-2020-4187 | 1 Ibm | 1 Security Guardium | 2024-09-16 | 5.3 Medium |
| IBM Security Guardium 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. IBM X-Force ID: 174805. | ||||
| CVE-2020-4177 | 1 Ibm | 1 Security Guardium | 2024-09-16 | 9.8 Critical |
| IBM Security Guardium 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174732. | ||||
| CVE-2020-4952 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2024-09-16 | 8.8 High |
| IBM Security Guardium 11.2 could allow an authenticated user to gain root access due to improper access control. IBM X-Force ID: 192028. | ||||
| CVE-2018-1889 | 1 Ibm | 1 Security Guardium | 2024-09-16 | N/A |
| IBM Security Guardium 10.0 and 10.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152080. | ||||
| CVE-2019-4292 | 1 Ibm | 1 Security Guardium | 2024-09-16 | 8.8 High |
| IBM Security Guardium 10.5 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable web server. IBM X-Force ID: 160698. | ||||
| CVE-2017-1267 | 1 Ibm | 1 Security Guardium | 2024-09-16 | N/A |
| IBM Security Guardium 10.0 and 10.1 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code. IBM X-Force ID: 124742. | ||||
| CVE-2017-1595 | 1 Ibm | 1 Security Guardium | 2024-09-16 | N/A |
| IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132549. | ||||