|
199231
|
6.1 |
MEDIUM
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alter…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4303
|
2024-11-21 14:32 |
2020-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199232
|
6.5 |
MEDIUM
Network
|
ibm
|
cloud_pak_for_automation
process_federation_server
|
The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, and 19.0.0.3 Global Teams REST API does not properly shutdown the thread pools that it creates to retrieve Global Teams infor…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2020-4325
|
2024-11-21 14:32 |
2020-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199233
|
8.8 |
HIGH
Network
|
ibm
|
spectrum_protect_plus
spectrum_scale
|
IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request,…
|
CWE-78
OS Command
|
CVE-2020-4242
|
2024-11-21 14:32 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199234
|
8.8 |
HIGH
Network
|
ibm
|
spectrum_protect_plus
spectrum_scale
|
IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request,…
|
CWE-78
OS Command
|
CVE-2020-4241
|
2024-11-21 14:32 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199235
|
6.5 |
MEDIUM
Network
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to overwrite or create arbi…
|
CWE-22
Path Traversal
|
CVE-2020-4240
|
2024-11-21 14:32 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199236
|
5.3 |
MEDIUM
Network
|
ibm
|
tivoli_netcool\/impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information c…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-4239
|
2024-11-21 14:32 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199237
|
8.8 |
HIGH
Network
|
ibm
|
tivoli_netcool\/impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that…
|
CWE-352
Origin Validation Error
|
CVE-2020-4238
|
2024-11-21 14:32 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199238
|
8.8 |
HIGH
Network
|
ibm
|
tivoli_netcool\/impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that…
|
CWE-352
Origin Validation Error
|
CVE-2020-4237
|
2024-11-21 14:32 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199239
|
6.5 |
MEDIUM
Network
|
ibm
|
tivoli_netcool\/impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow an authenticated user to cause a denial of service due to improper content parsing in the project management module. IBM X-Force ID: 175…
|
NVD-CWE-noinfo
|
CVE-2020-4236
|
2024-11-21 14:32 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199240
|
5.4 |
MEDIUM
Network
|
ibm
|
tivoli_netcool\/impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended f…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4235
|
2024-11-21 14:32 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
