|
196671
|
5.9 |
MEDIUM
Network
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker cou…
|
CWE-862
Missing Authorization
|
CVE-2020-4783
|
2024-11-21 14:33 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196672
|
5.3 |
MEDIUM
Network
|
ibm
|
spectrum_protect_operations_center
|
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.10.and 7.1.0.000 through 7.1.11 could allow a remote attacker to obtain sensitive information, caused by improper authentication of a webs…
|
CWE-287
Improper Authentication
|
CVE-2020-4771
|
2024-11-21 14:33 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196673
|
7.5 |
HIGH
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-For…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4937
|
2024-11-21 14:33 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196674
|
7.8 |
HIGH
Local
|
ibm
|
db2
|
IBM DB2 Accessories Suite for Linux, UNIX, and Windows, DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local authenticated attacker to exe…
|
CWE-426
Untrusted Search Path
|
CVE-2020-4739
|
2024-11-21 14:33 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196675
|
4.7 |
MEDIUM
Local
|
ibm
fedoraproject
oracle
|
vios
aix
fedora
communications_cloud_native_core_binding_support_function
communications_cloud_native_core_policy
communications_cloud_native_core_network_exposure_function
|
IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
|
NVD-CWE-noinfo
|
CVE-2020-4788
|
2024-11-21 14:33 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196676
|
5.4 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Reporting Service 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering …
|
CWE-79
Cross-site Scripting
|
CVE-2020-4718
|
2024-11-21 14:33 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196677
|
7.8 |
HIGH
Local
|
ibm
|
db2
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to exe…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-4701
|
2024-11-21 14:33 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196678
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 6.0.0.0 through 6.0.3.2 and 2.2.0.0 through 2.2.6.5 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie val…
|
NVD-CWE-noinfo
|
CVE-2020-4763
|
2024-11-21 14:33 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196679
|
4.8 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript c…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4705
|
2024-11-21 14:33 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196680
|
8.8 |
HIGH
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user belonging to a specific user group to create a user or group with ad…
|
NVD-CWE-noinfo
|
CVE-2020-4700
|
2024-11-21 14:33 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
