|
202301
|
5.4 |
MEDIUM
Network
|
hcltech
|
connections
|
The HCL Connections 5.5 help system is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-c…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4082
|
2024-11-21 14:32 |
2020-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202302
|
7.8 |
HIGH
Local
|
ibm
|
platform_lsf
spectrum_lsf
spectrum_computing_for_high_performance_analytics
|
IBM Platform LSF 9.1 and 10.1, IBM Spectrum LSF Suite 10.2, and IBM Spectrum Suite for HPA 10.2 could allow a local user to escalate their privileges due to weak file permissions when specific debug …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-4278
|
2024-11-21 14:32 |
2020-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202303
|
5.4 |
MEDIUM
Network
|
ibm
|
tivoli_netcool\/omnibus
|
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality p…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4198
|
2024-11-21 14:32 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202304
|
2.4 |
LOW
Physics
|
ibm
|
tivoli_netcool\/omnibus
|
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174908.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4197
|
2024-11-21 14:32 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202305
|
5.4 |
MEDIUM
Network
|
ibm
|
tivoli_netcool\/omnibus
|
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality p…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4196
|
2024-11-21 14:32 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202306
|
5.3 |
MEDIUM
Network
|
ibm
|
security_information_queue
|
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 uses a cross-domain policy file that includes domains that should not be trusted which could disclose sensitive information…
|
NVD-CWE-noinfo
|
CVE-2020-4292
|
2024-11-21 14:32 |
2020-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202307
|
8.6 |
HIGH
Network
|
ibm
|
security_information_queue
|
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication,…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-4283
|
2024-11-21 14:32 |
2020-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202308
|
9.8 |
CRITICAL
Network
|
ibm
|
spectrum_protect
|
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerabil…
|
CWE-78
OS Command
|
CVE-2020-4222
|
2024-11-21 14:32 |
2020-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202309
|
9.8 |
CRITICAL
Network
|
ibm
|
spectrum_protect
|
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerabil…
|
CWE-78
OS Command
|
CVE-2020-4213
|
2024-11-21 14:32 |
2020-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202310
|
9.8 |
CRITICAL
Network
|
ibm
|
spectrum_protect
|
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerabil…
|
CWE-20
Improper Input Validation
|
CVE-2020-4212
|
2024-11-21 14:32 |
2020-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
