|
207031
|
6.5 |
MEDIUM
Adjacent
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar SIEM 7.3 and 7.4 uses less secure methods for protecting data in transit between hosts when encrypt host connections is not enabled as well as data at rest. IBM X-Force ID: 192539.
|
CWE-312
CWE-319
Cleartext Storage of Sensitive Information
Cleartext Transmission of Sensitive Information
|
CVE-2020-4980
|
2024-11-21 14:33 |
2021-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207032
|
9.8 |
CRITICAL
Network
|
ibm
|
infosphere_data_replication
infosphere_change_data_capture
|
IBM InfoSphere Data Replication 11.4 and IBM InfoSphere Change Data Capture for z/OS 10.2.1, under certain configurations, could allow a user to bypass authentication mechanisms using an empty passwo…
|
CWE-287
Improper Authentication
|
CVE-2020-4821
|
2024-11-21 14:33 |
2021-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207033
|
6.5 |
MEDIUM
Network
|
ibm
|
infosphere_master_data_management_server
|
IBM InfoSphere Master Data Management Server 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that …
|
CWE-352
Origin Validation Error
|
CVE-2020-4675
|
2024-11-21 14:33 |
2021-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207034
|
8.8 |
HIGH
Network
|
ibm
|
mq_appliance
|
IBM MQ Appliance 9.1 and 9.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. I…
|
CWE-352
Origin Validation Error
|
CVE-2020-4938
|
2024-11-21 14:33 |
2021-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207035
|
5.4 |
MEDIUM
Network
|
ibm
|
datacap_navigator
|
IBM Datacap Fastdoc Capture (IBM Datacap Navigator 9.1.7 ) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the in…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4935
|
2024-11-21 14:33 |
2021-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207036
|
8.8 |
HIGH
Network
|
ibm
|
datacap_navigator
|
IBM Datacap Taskmaster Capture (IBM Datacap Navigator 9.1.7) is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add…
|
CWE-89
SQL Injection
|
CVE-2020-4902
|
2024-11-21 14:33 |
2021-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207037
|
8.1 |
HIGH
Network
|
ibm
|
db2
|
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to overwrite arbirary files due to improper group permissions. IBM X-Force ID: 191945.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-4945
|
2024-11-21 14:33 |
2021-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207038
|
4.7 |
MEDIUM
Local
|
ibm
|
db2
|
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow a local user to access and change the configuration of Db2 due to a race condition of a symbolic link,. IBM X-Force …
|
CWE-59
Link Following
|
CVE-2020-4885
|
2024-11-21 14:33 |
2021-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207039
|
5.4 |
MEDIUM
Network
|
ibm
|
financial_transaction_manager
|
IBM Financial Transaction Manager 3.2.0 through 3.2.8 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intende…
|
CWE-79
Cross-site Scripting
|
CVE-2020-5000
|
2024-11-21 14:33 |
2021-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207040
|
9.1 |
CRITICAL
Network
|
ibm
|
financial_transaction_manager
|
IBM Financial Transaction Manager 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive…
|
CWE-611
XXE
|
CVE-2020-5003
|
2024-11-21 14:33 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
