|
199811
|
4.3 |
MEDIUM
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0 through 5.0.5.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a us…
|
CWE-565
Reliance on Cookies without Validation and Integrity Checking
|
CVE-2020-4749
|
2024-11-21 14:33 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199812
|
6.1 |
MEDIUM
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionali…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4748
|
2024-11-21 14:33 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199813
|
7.2 |
HIGH
Network
|
ibm
|
resilient_security_orchestration_automation_and_response
|
IBM Resilient OnPrem 38.2 could allow a privileged user to inject malicious commands through Python3 scripting. IBM X-Force ID: 185503.
|
CWE-77
Command Injection
|
CVE-2020-4636
|
2024-11-21 14:33 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199814
|
5.4 |
MEDIUM
Network
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4741
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199815
|
5.2 |
MEDIUM
Adjacent
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser w…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4740
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199816
|
6.8 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote privileged attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force…
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2020-4689
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199817
|
5.4 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4681
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199818
|
5.4 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4680
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199819
|
4.8 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4679
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199820
|
4.9 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.2 could allow an attacker with admin access to obtain and read files that they normally would not have access to. IBM X-Force ID: 186423.
|
NVD-CWE-noinfo
|
CVE-2020-4678
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
