|
219901
|
8.8 |
HIGH
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to v…
|
CWE-89
SQL Injection
|
CVE-2019-4387
|
2024-11-21 13:43 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219902
|
4.4 |
MEDIUM
Local
|
ibm
|
spectrum_protect_backup-archive_client
|
IBM Spectrum Protect Backup-Archive Client 7.1 and 8.1 may be vulnerable to a denial of service attack due to a timing issue between client and server TCP/IP communications. IBM X-Force ID: 162477.
|
NVD-CWE-noinfo
|
CVE-2019-4406
|
2024-11-21 13:43 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219903
|
5.3 |
MEDIUM
Network
|
ibm
|
tivoli_netcool\/impact
|
IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 166720.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2019-4570
|
2024-11-21 13:43 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219904
|
5.4 |
MEDIUM
Network
|
ibm
|
tivoli_netcool\/impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended f…
|
CWE-79
Cross-site Scripting
|
CVE-2019-4569
|
2024-11-21 13:43 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219905
|
4.4 |
MEDIUM
Local
|
ibm
|
smartcloud_analytics_log_analysis
|
IBM SmartCloud Analytics 1.3.1 through 1.3.5 allows unauthorized disclosure of information like accessing solrconfig.xml and could allow an attacker to perform disruptive administrator tasks. IBM X-F…
|
NVD-CWE-noinfo
|
CVE-2019-4243
|
2024-11-21 13:43 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219906
|
4.6 |
MEDIUM
Network
|
ibm
|
smartcloud_analytics_log_analysis
|
IBM SmartCloud Analytics 1.3.1 through 1.3.5 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM X-Force ID: 159187.
|
CWE-74
Injection
|
CVE-2019-4216
|
2024-11-21 13:43 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219907
|
6.1 |
MEDIUM
Network
|
ibm
|
smartcloud_analytics_log_analysis
|
IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could e…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2019-4215
|
2024-11-21 13:43 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219908
|
3.7 |
LOW
Network
|
ibm
|
smartcloud_analytics_log_analysis
|
IBM SmartCloud Analytics 1.3.1 through 1.3.5 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in th…
|
CWE-311
CWE-732
Missing Encryption of Sensitive Data
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-4214
|
2024-11-21 13:43 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219909
|
8.8 |
HIGH
Network
|
ibm
|
security_identity_manager
|
IBM Security Identity Manager 6.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to visit a specially…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-4561
|
2024-11-21 13:43 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219910
|
6.5 |
MEDIUM
Network
|
ibm
|
maximo_asset_management
|
IBM Maximo Asset Management 7.6, 7.6.1, and 7.6.1.1 could allow an authenticated user to delete a record that they should not normally be able to. IBM X-Force ID: 165586.
|
NVD-CWE-noinfo
|
CVE-2019-4530
|
2024-11-21 13:43 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
