|
207291
|
5.3 |
MEDIUM
Network
|
ibm
|
security_trusteer_pinpoint_detect
|
IBM Security Trusteer Pinpoint Detect 11.6.5 could disclose some information due to using a wildcard in the Access-Control-Allow-Origin header. IBM X-Force ID: 187371.
|
NVD-CWE-noinfo
|
CVE-2020-4708
|
2024-11-21 14:33 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207292
|
6.5 |
MEDIUM
Network
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequen…
|
CWE-22
Path Traversal
|
CVE-2020-4711
|
2024-11-21 14:33 |
2020-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207293
|
8.0 |
HIGH
Network
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute arbitrary code on the vulnerable server. …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-4703
|
2024-11-21 14:33 |
2020-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207294
|
5.4 |
MEDIUM
Network
|
ibm
|
business_automation_workflow
business_process_manager
|
IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaS…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4698
|
2024-11-21 14:33 |
2020-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207295
|
5.4 |
MEDIUM
Network
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functi…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4702
|
2024-11-21 14:33 |
2020-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207296
|
6.5 |
MEDIUM
Network
|
ibm
|
infosphere_metadata_asset_manager
|
IBM InfoSphere Metadata Asset Manager 11.7 is vulnerable to server-side request forgery. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to su…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-4632
|
2024-11-21 14:33 |
2020-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207297
|
7.2 |
HIGH
Network
|
ibm
|
api_connect
|
IBM API Connect's API Manager 2018.4.1.0 through 2018.4.1.12 is vulnerable to privilege escalation. An invitee to an API Provider organization can escalate privileges by manipulating the invitation l…
|
NVD-CWE-noinfo
|
CVE-2020-4638
|
2024-11-21 14:33 |
2020-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207298
|
9.8 |
CRITICAL
Network
|
ibm
|
spectrum_protect_operations_center
|
IBM Spectrum Protect Operations Center 7.1.0.000 through 7.1.10 and 8.1.0.000 through 8.1.9 may allow an attacker to execute arbitrary code on the system, caused by improper validation of data prior …
|
CWE-20
Improper Input Validation
|
CVE-2020-4693
|
2024-11-21 14:33 |
2020-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207299
|
4.3 |
MEDIUM
Network
|
ibm
|
content_navigator
|
IBM Content Navigator 3.0.7 and 3.0.8 could allow an authenticated user to view cached content of another user that they should not have access to. IBM X-Force ID: 186679.
|
NVD-CWE-noinfo
|
CVE-2020-4687
|
2024-11-21 14:33 |
2020-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207300
|
6.1 |
MEDIUM
Network
|
ibm
|
planning_analytics
|
IBM Planning Analytics 2.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker co…
|
CWE-601
Open Redirect
|
CVE-2020-4653
|
2024-11-21 14:33 |
2020-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
