|
197701
|
5.5 |
MEDIUM
Local
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale V4.2.0.0 through V4.2.3.22 and V5.0.0.0 through V5.0.5 could allow a local attacker to cause a denial of service by sending a large number of RPC requests to the mmfsd daemon which…
|
NVD-CWE-noinfo
|
CVE-2020-4491
|
2024-11-21 14:32 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197702
|
7.7 |
HIGH
Network
|
vmware
|
esxi
cloud_foundation
workstation
workstation_player
fusion
|
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds write vuln…
|
CWE-787
CWE-367
Out-of-bounds Write
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2020-3982
|
2024-11-21 14:32 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197703
|
7.5 |
HIGH
Network
|
ibm
|
security_guardium_big_data_intelligence
|
IBM Security Guardium Big Data Intelligence 1.0 (SonarG) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 17556…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4254
|
2024-11-21 14:32 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197704
|
7.1 |
HIGH
Local
|
vmware
|
horizon_client
|
VMware Horizon Client for Windows (5.x before 5.5.0) contains a denial-of-service vulnerability due to a file system access control issue during install time. Successful exploitation of this issue ma…
|
NVD-CWE-Other
|
CVE-2020-3991
|
2024-11-21 14:32 |
2020-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197705
|
9.8 |
CRITICAL
Network
|
ibm
|
security_verify_access
security_access_manager
|
IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the authentication checks and gain access to applicati…
|
NVD-CWE-noinfo
|
CVE-2020-4499
|
2024-11-21 14:32 |
2020-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197706
|
5.4 |
MEDIUM
Network
|
ibm
|
security_access_manager_appliance
|
IBM Security Access Manager Appliance 9.0.7 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 179358.
|
CWE-613
Insufficient Session Expiration
|
CVE-2020-4395
|
2024-11-21 14:32 |
2020-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197707
|
8.2 |
HIGH
Network
|
ibm
|
cognos_analytics
|
IBM Cognos Analytics 11.0 and 11.1 could be vulnerable to a denial of service attack by failing to catch exceptions in a servlet also exposing debug information could also be used in future attacks. …
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2020-4388
|
2024-11-21 14:32 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197708
|
7.8 |
HIGH
Local
|
ibm
|
cognos_analytics
|
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to execute arbitrary code on the system, caused by a CSV injection. By persuading a victim to open a specially-crafted excel file, an …
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2020-4302
|
2024-11-21 14:32 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197709
|
8.8 |
HIGH
Network
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar SIEM 7.3 and 7.4 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-4280
|
2024-11-21 14:32 |
2020-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197710
|
5.5 |
MEDIUM
Local
|
ibm
|
datapower_gateway
|
IBM MQ Appliance (IBM DataPower Gateway 10.0.0.0 and 2018.4.1.0 through 2018.4.1.12) could allow a local user, under special conditions, to obtain highly sensitive information from log files. IBM X-F…
|
NVD-CWE-noinfo
|
CVE-2020-4528
|
2024-11-21 14:32 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
