|
219621
|
8.8 |
HIGH
Network
|
ibm
|
security_access_manager
|
IBM Security Access Manager 9.0.1 through 9.0.6 is affected by a security vulnerability that could allow authenticated users to impersonate other users. IBM X-Force ID: 158331.
|
NVD-CWE-noinfo
|
CVE-2019-4135
|
2024-11-21 13:43 |
2019-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219622
|
6.5 |
MEDIUM
Local
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.2 may display the vSnap CIFS password in the IBM Spectrum Protect Plus Joblog. This can result in an attacker gaining access to sensitive information as well as vSnap. …
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2019-4385
|
2024-11-21 13:43 |
2019-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219623
|
4.3 |
MEDIUM
Network
|
ibm
|
campaign
|
IBM Campaign 9.1.2 and 10.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view a…
|
CWE-22
Path Traversal
|
CVE-2019-4384
|
2024-11-21 13:43 |
2019-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219624
|
8.0 |
HIGH
Network
|
ibm
|
maximo_asset_management
maximo_for_life_sciences
smartcloud_control_desk
tivoli_integration_composer
maximo_for_aviation
maximo_for_utilities
maximo_for_transportation
maximo_for…
|
IBM Maximo Asset Management 7.6 is vulnerable to CSV injection, which could allow a remote authenticated attacker to execute arbirary commands on the system. IBM X-Force ID: 161680.
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2019-4364
|
2024-11-21 13:43 |
2019-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219625
|
5.4 |
MEDIUM
Network
|
ibm
|
maximo_asset_management
maximo_for_life_sciences
smartcloud_control_desk
tivoli_integration_composer
maximo_for_aviation
maximo_for_utilities
maximo_for_transportation
maximo_for…
|
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potent…
|
CWE-79
Cross-site Scripting
|
CVE-2019-4303
|
2024-11-21 13:43 |
2019-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219626
|
8.8 |
HIGH
Network
|
ibm
|
cloud_private
|
IBM Cloud Private 2.1.0, 3.1.0, 3.1.1, and 3.1.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that t…
|
CWE-352
Origin Validation Error
|
CVE-2019-4142
|
2024-11-21 13:43 |
2019-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219627
|
3.3 |
LOW
Local
|
ibm
|
cognos_controller
|
IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158882.
|
CWE-269
Improper Privilege Management
|
CVE-2019-4177
|
2024-11-21 13:43 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219628
|
5.3 |
MEDIUM
Network
|
ibm
|
cognos_controller
|
IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could allow a remote attacker to bypass security restrictions, caused by an error related to insecure HTTP Methods. An attacker could …
|
NVD-CWE-noinfo
|
CVE-2019-4176
|
2024-11-21 13:43 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219629
|
3.3 |
LOW
Local
|
ibm
|
cognos_controller
|
IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158879.
|
CWE-269
Improper Privilege Management
|
CVE-2019-4174
|
2024-11-21 13:43 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219630
|
6.5 |
MEDIUM
Network
|
ibm
|
cognos_controller
|
IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could allow a remote attacker to obtain sensitive information, caused by a flaw in the HTTP OPTIONS method, aka Optionsbleed. By sendi…
|
CWE-200
Information Exposure
|
CVE-2019-4173
|
2024-11-21 13:43 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
