|
200291
|
5.5 |
MEDIUM
Local
|
ibm
|
spectrum_scale
|
A security vulnerability in the Spectrum Scale 5.0 and 5.1 allows a non-root user to overflow the mmfsd daemon with requests and preventing the daemon to service other requests. IBM X-Force ID: 19159…
|
NVD-CWE-noinfo
|
CVE-2020-4925
|
2024-11-21 14:33 |
2022-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200292
|
9.8 |
CRITICAL
Network
|
ibm
|
cognos_controller
|
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could allow a remote attacker to bypass security restrictions, caused by improper validation of authentication cookies. IBM X-Force ID: 190847.
|
CWE-287
Improper Authentication
|
CVE-2020-4879
|
2024-11-21 14:33 |
2022-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200293
|
9.8 |
CRITICAL
Network
|
ibm
|
cognos_controller
|
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could be vulnerable to unauthorized modifications by using public fields in public classes. IBM X-Force ID: 190843.
|
CWE-863
Incorrect Authorization
|
CVE-2020-4877
|
2024-11-21 14:33 |
2022-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200294
|
8.2 |
HIGH
Network
|
ibm
|
cognos_controller
|
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose …
|
CWE-611
XXE
|
CVE-2020-4876
|
2024-11-21 14:33 |
2022-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200295
|
8.2 |
HIGH
Network
|
ibm
|
cognos_controller
|
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose …
|
CWE-611
XXE
|
CVE-2020-4875
|
2024-11-21 14:33 |
2022-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200296
|
3.3 |
LOW
Local
|
ibm
netapp
|
cognos_analytics
oncommand_insight
|
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information.
|
CWE-200
Information Exposure
|
CVE-2020-4951
|
2024-11-21 14:33 |
2021-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200297
|
6.5 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain sensitive information due to improper permission control. IBM X-Force ID: 186090.
|
NVD-CWE-Other
|
CVE-2020-4654
|
2024-11-21 14:33 |
2021-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200298
|
4.3 |
MEDIUM
Network
|
ibm
|
edge_application_manager
|
IBM Edge 4.2 could reveal sensitive version information about the server from error pages that could aid an attacker in further attacks against the system. IBM X-Force ID: 191941.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-4941
|
2024-11-21 14:33 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200299
|
3.3 |
LOW
Local
|
ibm
|
edge_application_manager
|
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189633.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4809
|
2024-11-21 14:33 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200300
|
3.3 |
LOW
Local
|
ibm
|
edge_application_manager
|
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189539.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4805
|
2024-11-21 14:33 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
