Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
security access manager vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2018-1813
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses incomplete blacklisting for input validation which allows malicious users to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 150017.
Ibm Security Access Manager
383
VMScore
CVE-2018-1815
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 for Enterprise Single-Sign On is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pot...
Ibm Security Access Manager
445
VMScore
CVE-2018-1886
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 152021.
Ibm Security Access Manager
356
VMScore
CVE-2018-1805
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 149704.
Ibm Security Access Manager
445
VMScore
CVE-2018-1814
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 150018.
Ibm Security Access Manager
383
VMScore
CVE-2019-4725
IBM Security Access Manager Appliance 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X...
Ibm Security Access Manager
383
VMScore
CVE-2019-4150
IBM Security Access Manager 9.0.1 up to and including 9.0.6 does not validate, or incorrectly validates, a certificate which could allow an malicious user to spoof a trusted entity by using a man-in-the-middle (MITM) attack. IBM X-Force ID: 158510.
Ibm Security Access Manager
320
VMScore
CVE-2019-4152
IBM Security Access Manager 9.0.1 up to and including 9.0.6 does not invalidate session tokens in a timely manner. The lack of proper session expiration may allow attackers with local access to login into a closed browser session. IBM X-Force ID: 158515.
Ibm Security Access Manager
383
VMScore
CVE-2019-4157
IBM Security Access Manager 9.0.1 up to and including 9.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trus...
Ibm Security Access Manager
490
VMScore
CVE-2018-1970
IBM Security Identity Manager 7.0.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 153751.
Ibm Security Access Manager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »