|
197901
|
5.3 |
MEDIUM
Network
|
ibm
|
business_automation_workflow
business_process_manager
|
IBM Business Automation Workflow and IBM Business Process Manager (IBM Business Process Manager Express 8.5.5, 8.5.6, 8.5.7, and 8.6) could allow a remote attacker to obtain sensitive information whe…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-4532
|
2024-11-21 14:32 |
2020-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197902
|
7.3 |
HIGH
Network
|
sanitize_project
|
sanitize
|
In Sanitize (RubyGem sanitize) greater than or equal to 3.0.0 and less than 5.2.1, there is a cross-site scripting vulnerability. When HTML is sanitized using Sanitize's "relaxed" config, or a custom…
|
-
|
CVE-2020-4054
|
2024-11-21 14:32 |
2020-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197903
|
6.8 |
MEDIUM
Network
|
helm
|
helm
|
In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path traversal attack is possible when installing Helm plugins from a tar archive over HTTP. It is possible for a malicious plugin author…
|
-
|
CVE-2020-4053
|
2024-11-21 14:32 |
2020-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197904
|
6.1 |
MEDIUM
Network
|
requarks
|
wiki.js
|
In Wiki.js before 2.4.107, there is a stored cross-site scripting through template injection. This vulnerability exists due to an insecure validation mechanism intended to insert v-pre tags into rend…
|
-
|
CVE-2020-4052
|
2024-11-21 14:32 |
2020-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197905
|
6.5 |
MEDIUM
Network
|
ibm
|
mq
|
IBM MQ Appliance and IBM MQ AMQP Channels 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD do not correctly block or allow clients based on the certificate distinguished name SSLPEER setting. IBM X-Force ID: 177403.
|
CWE-295
Improper Certificate Validation
|
CVE-2020-4320
|
2024-11-21 14:32 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197906
|
7.5 |
HIGH
Network
|
ibm
|
mq
websphere_mq
|
IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are vulnerable to a denial of service attack due to an error within the Data Conversion logic. IBM X-Force ID: 177081.
|
NVD-CWE-noinfo
|
CVE-2020-4310
|
2024-11-21 14:32 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197907
|
5.4 |
MEDIUM
Network
|
openjsf
debian
netapp
|
dijit
debian_linux
snapcenter
oncommand_workflow_automation
oncommand_insight
active_iq_unified_manager
|
In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than…
|
-
|
CVE-2020-4051
|
2024-11-21 14:32 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197908
|
7.8 |
HIGH
Local
|
vmware
|
horizon_client
|
VMware Horizon Client for Windows (prior to 5.4.3) contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. A local user on the system whe…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-3961
|
2024-11-21 14:32 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197909
|
7.5 |
HIGH
Network
|
ibm
|
spectrum_protect_client
spectrum_protect_for_space_management
|
IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.…
|
CWE-287
Improper Authentication
|
CVE-2020-4494
|
2024-11-21 14:32 |
2020-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197910
|
6.5 |
MEDIUM
Network
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 discloses highly sensitive information in plain text in the virgo log file which could be used in further attacks against the system. IBM X-Force ID: 1…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-4477
|
2024-11-21 14:32 |
2020-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
