|
201231
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated attacker to enumerate usernames due to there being an observable discrepancy in returned messages. IBM X-Force ID: 19556…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-20376
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201232
|
6.5 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to intercept and replace a message sent by another user due to improper access controls. IBM X-Force ID: 195567.
|
NVD-CWE-Other
|
CVE-2021-20375
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201233
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote authenticated user to cause a denial of another user's service due to insufficient permission checking. IBM X-Force ID: 195518.
|
NVD-CWE-Other
|
CVE-2021-20372
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201234
|
7.8 |
HIGH
Local
|
oracle
|
openjdk
|
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and e…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2021-20264
|
2024-11-21 14:46 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201235
|
9.8 |
CRITICAL
Network
|
ibm
|
cloud_pak_for_security
|
IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 could allow an attacker to perform unauthorized actions due to improper or missing authentication controls. IBM X-Force ID: 19…
|
CWE-287
Improper Authentication
|
CVE-2021-20578
|
2024-11-21 14:46 |
2021-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201236
|
6.1 |
MEDIUM
Network
|
ibm
|
sterling_order_management
|
IBM Sterling Order Management 9.4, 9.5, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fun…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20554
|
2024-11-21 14:46 |
2021-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201237
|
4.4 |
MEDIUM
Local
|
linux
debian
|
linux_kernel
debian_linux
|
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special us…
|
-
|
CVE-2021-20317
|
2024-11-21 14:46 |
2021-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201238
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote authenciated user to obtain sensitive information. By sending a specially crafted request, the user could disclose a valid filep…
|
NVD-CWE-noinfo
|
CVE-2021-20563
|
2024-11-21 14:46 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201239
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information co…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2021-20485
|
2024-11-21 14:46 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201240
|
5.4 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fu…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20484
|
2024-11-21 14:46 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
