|
201081
|
6.7 |
MEDIUM
Local
|
ibm
|
security_guardium
|
IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to extern…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-4190
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201082
|
5.3 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. IBM X-Force ID: 174805.
|
NVD-CWE-noinfo
|
CVE-2020-4187
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201083
|
6.1 |
MEDIUM
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4182
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201084
|
8.8 |
HIGH
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.1 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerabilit…
|
CWE-78
OS Command
|
CVE-2020-4180
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201085
|
9.8 |
CRITICAL
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, o…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-4177
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201086
|
5.9 |
MEDIUM
Network
|
nozbe
|
watermelondb
|
In WatermelonDB (NPM package "@nozbe/watermelondb") before versions 0.15.1 and 0.16.2, a maliciously crafted record ID can exploit a SQL Injection vulnerability in iOS adapter implementation and caus…
|
-
|
CVE-2020-4035
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201087
|
4.3 |
MEDIUM
Network
|
atlassian
|
navigator_links
|
The CustomAppsRestResource list resource in Atlassian Navigator Links before version 3.3.23, from version 4.0.0 before version 4.3.7, from version 5.0.0 before 5.0.1, and from version 5.1.0 before 5.…
|
CWE-863
Incorrect Authorization
|
CVE-2020-4026
|
2024-11-21 14:32 |
2020-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201088
|
6.1 |
MEDIUM
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4503
|
2024-11-21 14:32 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201089
|
5.4 |
MEDIUM
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4431
|
2024-11-21 14:32 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201090
|
7.5 |
HIGH
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179001.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4367
|
2024-11-21 14:32 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
