|
198921
|
5.5 |
MEDIUM
Local
|
ibm
|
security_verify_bridge
|
IBM Security Verify Bridge 1.0.5.0 does not properly validate a certificate which could allow a local attacker to obtain sensitive information that could aid in further attacks against the system. IB…
|
CWE-295
Improper Certificate Validation
|
CVE-2021-20435
|
2024-11-21 14:46 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198922
|
4.4 |
MEDIUM
Local
|
ibm
|
security_verify_bridge
|
IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 196346.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2021-20434
|
2024-11-21 14:46 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198923
|
2.7 |
LOW
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further …
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2021-20377
|
2024-11-21 14:46 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198924
|
6.5 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.3 could allow a an authenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 196345.
|
NVD-CWE-noinfo
|
CVE-2021-20433
|
2024-11-21 14:46 |
2021-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198925
|
5.3 |
MEDIUM
Network
|
ibm
|
security_secret_server
|
IBM Security Secret Server up to 11.0 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer…
|
CWE-200
Information Exposure
|
CVE-2021-20582
|
2024-11-21 14:46 |
2021-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198926
|
5.3 |
MEDIUM
Network
|
ibm
|
security_secret_server
|
IBM Security Secret Server up to 11.0 could allow an attacker to enumerate usernames due to improper input validation. IBM X-Force ID: 199243.
|
CWE-20
Improper Input Validation
|
CVE-2021-20569
|
2024-11-21 14:46 |
2021-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198927
|
4.3 |
MEDIUM
Network
|
ibm
|
security_secret_server
|
IBM Security Secret Server up to 11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used …
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2021-20508
|
2024-11-21 14:46 |
2021-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198928
|
9.8 |
CRITICAL
Network
|
ibm
|
maximo_asset_management
|
IBM Maximo Asset Management 7.6.0 and 7.6.1 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file con…
|
CWE-74
Injection
|
CVE-2021-20509
|
2024-11-21 14:46 |
2021-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198929
|
9.8 |
CRITICAL
Network
|
libspf2
redhat
fedoraproject
|
libspf2
enterprise_linux
fedora
|
Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-20314
|
2024-11-21 14:46 |
2021-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198930
|
7.5 |
HIGH
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 196314.
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2021-20427
|
2024-11-21 14:46 |
2021-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
