IBM InfoSphere BigInsights 2.0 through 2.1.2 does not set the secure flag for the LTPA cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting. Rated low severity (CVSS 2.9). No vendor patch available.
IBM
Privilege Escalation
Infosphere Biginsights
NVD
CVSS 2.0
2.9
EPSS
0.1%
Buffer overflow in the Java GUI Configuration Wizard and Preferences Editor in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.2.5.2, 6.3.x before 6.3.2, and 6.4.x. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.
IBM
Denial Of Service
Buffer Overflow
Java
Microsoft
+1
NVD
CVSS 2.0
2.1
EPSS
0.1%