|
200031
|
5.4 |
MEDIUM
Network
|
ibm
|
urbancode_deploy
|
IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. IBM X-Force ID: 19029…
|
NVD-CWE-noinfo
|
CVE-2020-4848
|
2024-11-21 14:33 |
2021-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200032
|
7.5 |
HIGH
Network
|
ibm
|
elastic_storage_server
elastic_storage_system
|
IBM Elastic Storage System 6.0.0 through 6.0.1.2 and IBM Elastic Storage Server 5.3.0 through 5.3.6.2 could allow a remote attacker to cause a denial of service by sending malformed UDP requests. IBM…
|
NVD-CWE-noinfo
|
CVE-2020-5015
|
2024-11-21 14:33 |
2021-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200033
|
6.1 |
MEDIUM
Network
|
ibm
|
planning_analytics
|
IBM Planning Analytics 2.0 could be vulnerable to a Server-Side Request Forgery (SSRF) attack by constucting URLs from user-controlled data . This could enable attackers to make arbitrary requests to…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-4882
|
2024-11-21 14:33 |
2021-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200034
|
5.3 |
MEDIUM
Network
|
ibm
|
soar
|
IBM Resilient SOAR 40 and earlier could disclose sensitive information by allowing a user to enumerate usernames.
|
NVD-CWE-noinfo
|
CVE-2020-4635
|
2024-11-21 14:33 |
2021-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200035
|
5.5 |
MEDIUM
Local
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 uses an inadequate account lockout setting that could allow a local user er to brute force Rest API account credentials. IBM X-Force…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2020-4891
|
2024-11-21 14:33 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200036
|
4.4 |
MEDIUM
Local
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user with a valid role to the REST API to cause a denial of service due to weak or absense of rate limiting. IBM…
|
NVD-CWE-Other
|
CVE-2020-4890
|
2024-11-21 14:33 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200037
|
5.5 |
MEDIUM
Local
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190450.
|
CWE-74
Injection
|
CVE-2020-4851
|
2024-11-21 14:33 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200038
|
7.5 |
HIGH
Network
|
ibm
|
datapower_gateway
|
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 189965.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4831
|
2024-11-21 14:33 |
2021-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200039
|
7.8 |
HIGH
Local
|
ibm
netapp
|
db2
oncommand_insight
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 db2fm is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a loca…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-5025
|
2024-11-21 14:33 |
2021-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200040
|
7.5 |
HIGH
Network
|
ibm
netapp
|
db2
oncommand_insight
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated attacker to cause a denial of service due a hang in the SSL handshake …
|
NVD-CWE-noinfo
|
CVE-2020-5024
|
2024-11-21 14:33 |
2021-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
