|
199741
|
4.8 |
MEDIUM
Network
|
ibm
|
cloud_pak_system
|
IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially l…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4910
|
2024-11-21 14:33 |
2021-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199742
|
4.8 |
MEDIUM
Network
|
ibm
|
cloud_pak_system
|
IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially l…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4909
|
2024-11-21 14:33 |
2021-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199743
|
5.5 |
MEDIUM
Local
|
ibm
|
db2
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow local attacker to cause a denial of service inside the "DB2 Management Service".
|
NVD-CWE-noinfo
|
CVE-2020-4642
|
2024-11-21 14:33 |
2020-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199744
|
9.8 |
CRITICAL
Network
|
ibm
|
loopback
|
Loopback 8.0.0 contains a vulnerability that could allow an attacker to manipulate or pollute Javascript values and cause a denial of service or possibly execute code. IBM X-Force ID: 192706.
|
NVD-CWE-noinfo
|
CVE-2020-4988
|
2024-11-21 14:33 |
2020-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199745
|
7.5 |
HIGH
Network
|
ibm
|
mq
|
IBM MQ 9.2 CD and LTS are vulnerable to a denial of service attack caused by an error processing connecting applications. IBM X-Force ID: 190833.
|
NVD-CWE-noinfo
|
CVE-2020-4870
|
2024-11-21 14:33 |
2020-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199746
|
4.3 |
MEDIUM
Network
|
ibm
|
security_secret_server
|
IBM Security Secret Server 10.6 stores potentially sensitive information in config files that could be read by an authenticated user. IBM X-Force ID: 190048.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2020-4843
|
2024-11-21 14:33 |
2020-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199747
|
4.9 |
MEDIUM
Network
|
ibm
|
security_secret_server
|
IBM Security Secret Server 10.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in fur…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-4842
|
2024-11-21 14:33 |
2020-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199748
|
5.9 |
MEDIUM
Network
|
ibm
|
security_secret_server
|
IBM Security Secret Server 10.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this …
|
CWE-862
Missing Authorization
|
CVE-2020-4841
|
2024-11-21 14:33 |
2020-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199749
|
5.4 |
MEDIUM
Network
|
ibm
|
business_process_manager
automation_workstream_services
business_automation_workflow
|
IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensi…
|
CWE-863
Incorrect Authorization
|
CVE-2020-4794
|
2024-11-21 14:33 |
2020-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199750
|
6.4 |
MEDIUM
Network
|
ibm
|
content_navigator
|
IBM FileNet Content Manager and IBM Content Navigator 3.0.CD is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alteri…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4757
|
2024-11-21 14:33 |
2020-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
