|
199111
|
7.8 |
HIGH
Local
|
ibm
|
db2
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to exe…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-4701
|
2024-11-21 14:33 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199112
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 6.0.0.0 through 6.0.3.2 and 2.2.0.0 through 2.2.6.5 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie val…
|
NVD-CWE-noinfo
|
CVE-2020-4763
|
2024-11-21 14:33 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199113
|
4.8 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript c…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4705
|
2024-11-21 14:33 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199114
|
8.8 |
HIGH
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user belonging to a specific user group to create a user or group with ad…
|
NVD-CWE-noinfo
|
CVE-2020-4700
|
2024-11-21 14:33 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199115
|
6.5 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user to obtain sensitive information from the Dashboard UI. IBM X-Force I…
|
NVD-CWE-noinfo
|
CVE-2020-4692
|
2024-11-21 14:33 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199116
|
5.4 |
MEDIUM
Network
|
ibm
|
business_automation_workflow
|
IBM Business Automation Workflow 20.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functional…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4672
|
2024-11-21 14:33 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199117
|
6.5 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 stores potentially sensitive information in log files that could be read by an authenticatedl user. IB…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-4671
|
2024-11-21 14:33 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199118
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie val…
|
NVD-CWE-noinfo
|
CVE-2020-4665
|
2024-11-21 14:33 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199119
|
8.8 |
HIGH
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which c…
|
CWE-89
SQL Injection
|
CVE-2020-4655
|
2024-11-21 14:33 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199120
|
8.8 |
HIGH
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the atta…
|
CWE-89
SQL Injection
|
CVE-2020-4647
|
2024-11-21 14:33 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
