| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2018-1872 |
79 |
|
XSS |
2018-11-09 |
2018-12-10 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 151330. |
|
2 |
CVE-2018-1842 |
347 |
|
Bypass |
2018-11-08 |
2018-12-12 |
3.3 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
None |
|
IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. IBM X-Force ID: 150902. |
|
3 |
CVE-2018-1820 |
79 |
|
XSS |
2018-09-27 |
2018-11-14 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150096. |
|
4 |
CVE-2018-1812 |
79 |
|
XSS |
2018-10-05 |
2018-11-28 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Robotic Process Automation with Automation Anywhere Enterprise 10 is vulnerable to persistent cross-site scripting, caused by missing escaping of a database field. An attacker that has access to the Control Room database could exploit this vulnerability to execute script in a victim's web browser within the security context of the hosting Web site, once victim opens a certain page in Control Room. IBM X-Force ID: 149883. |
|
5 |
CVE-2018-1799 |
20 |
|
|
2018-11-08 |
2018-12-12 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local unprivileged user to overwrite files on the system which could cause damage to the database. IBM X-Force ID: 149429. |
|
6 |
CVE-2018-1777 |
79 |
|
XSS |
2018-10-16 |
2018-11-20 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148800. |
|
7 |
CVE-2018-1766 |
79 |
|
XSS |
2018-10-29 |
2018-11-28 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Team Concert (RTC) 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148620. |
|
8 |
CVE-2018-1715 |
79 |
|
XSS |
2018-08-16 |
2018-10-16 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 147003. |
|
9 |
CVE-2018-1706 |
79 |
|
XSS |
2018-10-11 |
2018-11-14 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Spectrum Symphony 7.2.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 146341. |
|
10 |
CVE-2018-1692 |
79 |
|
XSS |
2018-10-02 |
2018-11-20 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 145583. |
|
11 |
CVE-2018-1691 |
79 |
|
XSS |
2018-10-02 |
2018-11-20 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 145582. |
|
12 |
CVE-2018-1690 |
79 |
|
XSS |
2018-08-07 |
2018-10-05 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rhapsody Model Manager 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 145510. |
|
13 |
CVE-2018-1686 |
79 |
|
XSS |
2018-10-05 |
2018-11-28 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 145505. |
|
14 |
CVE-2018-1660 |
79 |
|
XSS |
2018-09-27 |
2018-11-28 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID: 144886. |
|
15 |
CVE-2018-1659 |
79 |
|
XSS |
2018-09-25 |
2018-11-13 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 144885. |
|
16 |
CVE-2018-1610 |
79 |
|
XSS |
2018-09-26 |
2018-11-28 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 143931. |
|
17 |
CVE-2018-1605 |
79 |
|
XSS |
2018-10-02 |
2018-11-20 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 143795. |
|
18 |
CVE-2018-1604 |
79 |
|
XSS |
2018-10-04 |
2018-11-14 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 143794. |
|
19 |
CVE-2018-1603 |
79 |
|
XSS |
2018-10-04 |
2018-11-20 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 143793. |
|
20 |
CVE-2018-1602 |
79 |
|
XSS |
2018-10-04 |
2018-11-20 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 143792. |
|
21 |
CVE-2018-1601 |
79 |
|
XSS |
2018-10-02 |
2018-11-20 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 143791. |
|
22 |
CVE-2018-1599 |
20 |
|
|
2018-08-22 |
2018-10-31 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 143744. |
|
23 |
CVE-2018-1585 |
79 |
|
XSS |
2018-07-19 |
2018-09-12 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 143498. |
|
24 |
CVE-2018-1560 |
79 |
|
XSS |
2018-09-25 |
2018-11-16 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142958. |
|
25 |
CVE-2018-1558 |
79 |
|
XSS |
2018-10-02 |
2018-11-28 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142956. |
|
26 |
CVE-2018-1557 |
79 |
|
XSS |
2018-10-02 |
2018-11-20 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142955. |
|
27 |
CVE-2018-1556 |
79 |
|
XSS |
2018-07-06 |
2018-08-27 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142893. |
|
28 |
CVE-2018-1555 |
79 |
|
XSS |
2018-07-06 |
2018-08-27 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142892. |
|
29 |
CVE-2018-1554 |
79 |
|
XSS |
2018-08-02 |
2018-10-02 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142891. |
|
30 |
CVE-2018-1541 |
79 |
|
XSS |
2018-10-24 |
2018-11-15 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM WebSphere Commerce Enterprise V7, V8, and V9 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142596. |
|
31 |
CVE-2018-1536 |
79 |
|
XSS |
2018-07-19 |
2018-09-12 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142558. |
|
32 |
CVE-2018-1535 |
79 |
|
XSS |
2018-07-19 |
2018-09-12 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124557. |
|
33 |
CVE-2018-1534 |
79 |
|
XSS |
2018-10-12 |
2018-11-28 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Publishing Engine 6.0.5 and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142432. |
|
34 |
CVE-2018-1533 |
79 |
|
XSS |
2018-10-12 |
2018-11-14 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Publishing Engine 6.0.5 and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142431. |
|
35 |
CVE-2018-1529 |
79 |
|
XSS |
2018-07-19 |
2018-09-18 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142291. |
|
36 |
CVE-2018-1523 |
79 |
|
XSS |
2018-07-10 |
2018-08-31 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141804. |
|
37 |
CVE-2018-1522 |
79 |
|
XSS |
2018-10-02 |
2018-11-20 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141803. |
|
38 |
CVE-2018-1521 |
79 |
|
XSS |
2018-07-10 |
2018-08-30 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141802. |
|
39 |
CVE-2018-1513 |
79 |
|
XSS |
2018-07-23 |
2018-09-19 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Sterling B2B Integrator Standard Edition 5.2.0 through 5.2.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141551. |
|
40 |
CVE-2018-1507 |
79 |
|
XSS |
2018-06-27 |
2018-08-24 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM DOORS Next Generation (DNG/RRC) 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141415. |
|
41 |
CVE-2018-1502 |
79 |
|
XSS |
2018-05-01 |
2018-06-06 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Content Manager Enterprise Edition Resource Manager 8.4.3 and 9.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141338. |
|
42 |
CVE-2018-1496 |
79 |
|
XSS |
2018-05-31 |
2018-06-29 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM Content Navigator 2.0.3, 3.0.0, 3.0.1, 3.0.2, and 3.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141219. |
|
43 |
CVE-2018-1494 |
79 |
|
XSS |
2018-07-06 |
2018-08-24 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141097. |
|
44 |
CVE-2018-1466 |
326 |
|
|
2018-05-17 |
2018-06-15 |
3.5 |
None |
Remote |
Medium |
Single system |
Partial |
None |
None |
|
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397. |
|
45 |
CVE-2018-1465 |
200 |
|
+Info |
2018-05-17 |
2018-06-15 |
3.5 |
None |
Remote |
Medium |
Single system |
Partial |
None |
None |
|
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396. |
|
46 |
CVE-2018-1461 |
79 |
|
XSS |
2018-05-17 |
2018-06-15 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 140362. |
|
47 |
CVE-2018-1452 |
264 |
|
|
2018-05-25 |
2018-06-22 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140047. |
|
48 |
CVE-2018-1451 |
264 |
|
|
2018-05-25 |
2018-06-25 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140046. |
|
49 |
CVE-2018-1450 |
264 |
|
|
2018-05-25 |
2018-06-22 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140045. |
|
50 |
CVE-2018-1449 |
264 |
|
|
2018-05-25 |
2018-06-22 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140044. |
