Security_guardium - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Security_guardium
(Ibm)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	112

Date	Id	Summary	Products	Score	Patch	Annotated
2018-12-17	CVE-2017-1265	IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 does not validate, or incorrectly validates, a certificate. This weakness might allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) techniques. IBM X-Force ID: 124740.	Security_guardium	5.9
2017-12-20	CVE-2017-1598	IBM Security Guardium 10.0 Database Activity Monitor uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 132611.	Security_guardium	7.5
2017-12-20	CVE-2017-1266	IBM Security Guardium 10.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 124741.	Security_guardium	5.4
2017-04-20	CVE-2017-1122	IBM Security Guardium 8.2, 9.0, and 10.0 contains a vulnerability that could allow a local attacker with CLI access to inject arbitrary commands which would be executed as root. IBM X-Force ID: 121174.	Security_guardium	7.4
2017-07-21	CVE-2017-1267	IBM Security Guardium 10.0 and 10.1 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code. IBM X-Force ID: 124742.	Security_guardium	7.5
2017-12-20	CVE-2017-1757	IBM Security Guardium 10.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 135858.	Security_guardium	8.8
2017-12-20	CVE-2017-1600	IBM Security Guardium 10.0 Database Activity Monitor is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132613.	Security_guardium	5.4
2017-12-20	CVE-2017-1596	IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132550.	Security_guardium	5.5
2017-12-20	CVE-2017-1595	IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132549.	Security_guardium	5.5
2017-12-07	CVE-2017-1271	IBM Security Guardium 9.0, 9.1, and 9.5 supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. IBM X-Force ID: 124746.	Security_guardium	7.5