|
199091
|
6.1 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator 5.2.0.0 through 6.0.3.2 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alter…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4657
|
2024-11-21 14:33 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199092
|
7.5 |
HIGH
Network
|
dell
oracle
|
bsafe_micro-edition-suite
http_server
security_service
database
weblogic_server_proxy_plug-in
|
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability resulting i…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-5360
|
2024-11-21 14:33 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199093
|
5.8 |
MEDIUM
Network
|
dell
oracle
|
bsafe_micro-edition-suite
database
weblogic_server_proxy_plug-in
|
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to an Unchecked Return Value Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to mo…
|
CWE-252
Unchecked Return Value
|
CVE-2020-5359
|
2024-11-21 14:33 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199094
|
6.1 |
MEDIUM
Network
|
ibm
|
tivoli_netcool\/impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.19 Interim Fix 7 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vul…
|
CWE-601
Open Redirect
|
CVE-2020-4849
|
2024-11-21 14:33 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199095
|
9.8 |
CRITICAL
Network
|
ibm
|
connect\
|
IBM Connect:Direct for UNIX 6.1.0, 6.0.0, 4.3.0, and 4.2.0 can allow a local or remote user to obtain an authenticated CLI session due to improper authentication methods. IBM X-Force ID: 188516.
|
CWE-287
Improper Authentication
|
CVE-2020-4747
|
2024-11-21 14:33 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199096
|
8.8 |
HIGH
Network
|
ibm
|
resilient_security_orchestration_automation_and_response
|
IBM Resilient SOAR V38.0 could allow a remote attacker to execute arbitrary code on the system, caused by formula injection due to improper input validation.
|
CWE-20
CWE-1236
Improper Input Validation
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2020-4633
|
2024-11-21 14:33 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199097
|
7.8 |
HIGH
Local
|
ibm
|
aix
vios
|
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in the ksu user command to gain root privileges. IBM X-Force ID: 189960.
|
NVD-CWE-noinfo
|
CVE-2020-4829
|
2024-11-21 14:33 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199098
|
5.5 |
MEDIUM
Local
|
ibm
|
business_automation_workflow
|
IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 190991.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-4900
|
2024-11-21 14:33 |
2020-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199099
|
4.3 |
MEDIUM
Network
|
ibm
|
cloud_pak_for_security
|
IBM Cloud Pak for Security 1.3.0.1(CP4S) does not invalidate session after logout which could allow an authenticated user to obtain sensitive information from the previous session. IBM X-Force ID: 18…
|
CWE-613
Insufficient Session Expiration
|
CVE-2020-4696
|
2024-11-21 14:33 |
2020-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199100
|
9.0 |
CRITICAL
Network
|
ibm
|
cloud_pak_for_security
|
IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents.…
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2020-4627
|
2024-11-21 14:33 |
2020-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
