|
197281
|
7.8 |
HIGH
Local
|
ibm
|
security_verify_privilege_manager
|
IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2) is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute …
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-4609
|
2024-11-21 14:32 |
2021-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197282
|
8.8 |
HIGH
Network
|
ibm
|
rational_doors_next_generation
rational_quality_manager
collaborative_lifecycle_management
engineering_test_management
rational_engineering_lifecycle_manager
engineering_lifecycle_mana…
|
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to bypass security restrictions, caused by improper access control. By sending a specially-crafted request to the REST A…
|
NVD-CWE-Other
|
CVE-2020-4495
|
2024-11-21 14:32 |
2021-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197283
|
10.0 |
CRITICAL
Network
|
ibm
netapp
|
cognos_analytics
oncommand_insight
|
IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all control requests in unauthenticated sessions. This allows a remote attacker who can access a valid CA endpoint to read and write fi…
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2020-4561
|
2024-11-21 14:32 |
2021-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197284
|
8.8 |
HIGH
Network
|
ibm
netapp
|
cognos_analytics
oncommand_insight
|
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to inject malicious HTML code that when viewed by the authenticated victim would execute the code. IBM X-Force ID: 182395.
|
CWE-79
Cross-site Scripting
|
CVE-2020-4520
|
2024-11-21 14:32 |
2021-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197285
|
5.4 |
MEDIUM
Network
|
ibm
netapp
|
cognos_analytics
oncommand_insight
|
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pot…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4354
|
2024-11-21 14:32 |
2021-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197286
|
8.2 |
HIGH
Network
|
ibm
netapp
|
cognos_analytics
oncommand_insight
|
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive info…
|
CWE-611
XXE
|
CVE-2020-4300
|
2024-11-21 14:32 |
2021-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197287
|
4.3 |
MEDIUM
Network
|
ibm
|
openpages_grc_platform
|
IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in furt…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-4536
|
2024-11-21 14:32 |
2021-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197288
|
5.4 |
MEDIUM
Network
|
ibm
|
openpages_grc_platform
|
IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potenti…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4535
|
2024-11-21 14:32 |
2021-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197289
|
9.1 |
CRITICAL
Network
|
fossasia
|
susi.ai
|
SUSI.AI is an intelligent Open Source personal assistant. SUSI.AI Server before version d27ed0f has a directory traversal vulnerability due to insufficient input validation. Any admin config and file…
|
CWE-22
Path Traversal
|
CVE-2020-4039
|
2024-11-21 14:32 |
2021-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197290
|
5.3 |
MEDIUM
Network
|
ibm
|
planning_analytics
|
IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information by allowing cross-window communication with unrestricted target origin via documentation frames.
|
NVD-CWE-Other
|
CVE-2020-4562
|
2024-11-21 14:32 |
2021-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
