|
197411
|
4.4 |
MEDIUM
Local
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 184747.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-4593
|
2024-11-21 14:32 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197412
|
7.8 |
HIGH
Local
|
ibm
|
sterling_connect\
connect\
|
IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, 6.0.0, and 6.1.0 is vulnerable to a stack based buffer ovreflow, caused by improper bounds checking. A local attacker could manipulate CD UNIX to ob…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-4587
|
2024-11-21 14:32 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197413
|
6.5 |
MEDIUM
Network
|
ibm
|
elastic_storage_server
|
IBM Spectrum Scale for IBM Elastic Storage Server 5.3.0 through 5.3.5 could allow an authenticated user to cause a denial of service during deployment while configuring some of the network services. …
|
NVD-CWE-noinfo
|
CVE-2020-4383
|
2024-11-21 14:32 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197414
|
5.5 |
MEDIUM
Local
|
ibm
|
elastic_storage_server
|
IBM Spectrum Scale for IBM Elastic Storage Server 5.3.0 through 5.3.5 could allow an authenticated user to cause a denial of service during deployment or upgrade pertaining to xcat services. IBM X-Fo…
|
NVD-CWE-noinfo
|
CVE-2020-4382
|
2024-11-21 14:32 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197415
|
4.3 |
MEDIUM
Network
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website t…
|
CWE-352
Origin Validation Error
|
CVE-2020-4170
|
2024-11-21 14:32 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197416
|
5.4 |
MEDIUM
Network
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit t…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2020-4165
|
2024-11-21 14:32 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197417
|
5.4 |
MEDIUM
Network
|
vmware
|
app_volumes
|
VMware App Volumes 2.x prior to 2.18.6 and VMware App Volumes 4 prior to 2006 contain a Stored Cross-Site Scripting (XSS) vulnerability. A malicious actor with access to create and edit applications …
|
CWE-79
Cross-site Scripting
|
CVE-2020-3975
|
2024-11-21 14:32 |
2020-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197418
|
5.3 |
MEDIUM
Network
|
vmware
|
vcenter_server
esxi
cloud_foundation
|
VMware ESXi and vCenter Server contain a partial denial of service vulnerability in their respective authentication services. VMware has evaluated the severity of this issue to be in the Moderate sev…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-3976
|
2024-11-21 14:32 |
2020-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197419
|
2.7 |
LOW
Network
|
ibm
|
content_navigator
|
IBM Content Navigator 3.0.7 and 3.0.8 is vulnerable to improper input validation. A malicious administrator could bypass the user interface and send requests to the IBM Content Navigator server with …
|
CWE-20
Improper Input Validation
|
CVE-2020-4548
|
2024-11-21 14:32 |
2020-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197420
|
6.5 |
MEDIUM
Network
|
ibm
|
elastic_storage_server
|
IBM Spectrum Scale for IBM Elastic Storage Server 5.3.0 through 5.3.6 could allow an authenticated user to cause a denial of service during deployment or upgrade if GUI specific services are enabled.…
|
NVD-CWE-noinfo
|
CVE-2020-4381
|
2024-11-21 14:32 |
2020-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
