|
199961
|
4.3 |
MEDIUM
Network
|
ibm
|
rational_team_concert
|
IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and 6.0.0.1 could allow an authenticated user to obtain sensitive information about build definitions. IB…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-4989
|
2024-11-21 14:33 |
2022-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199962
|
5.5 |
MEDIUM
Local
|
ibm
|
spectrum_scale
|
A security vulnerability in the Spectrum Scale 5.0 and 5.1 allows a non-root user to overflow the mmfsd daemon with requests and preventing the daemon to service other requests. IBM X-Force ID: 19159…
|
NVD-CWE-noinfo
|
CVE-2020-4925
|
2024-11-21 14:33 |
2022-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199963
|
9.8 |
CRITICAL
Network
|
ibm
|
cognos_controller
|
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could allow a remote attacker to bypass security restrictions, caused by improper validation of authentication cookies. IBM X-Force ID: 190847.
|
CWE-287
Improper Authentication
|
CVE-2020-4879
|
2024-11-21 14:33 |
2022-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199964
|
9.8 |
CRITICAL
Network
|
ibm
|
cognos_controller
|
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could be vulnerable to unauthorized modifications by using public fields in public classes. IBM X-Force ID: 190843.
|
CWE-863
Incorrect Authorization
|
CVE-2020-4877
|
2024-11-21 14:33 |
2022-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199965
|
8.2 |
HIGH
Network
|
ibm
|
cognos_controller
|
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose …
|
CWE-611
XXE
|
CVE-2020-4876
|
2024-11-21 14:33 |
2022-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199966
|
8.2 |
HIGH
Network
|
ibm
|
cognos_controller
|
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose …
|
CWE-611
XXE
|
CVE-2020-4875
|
2024-11-21 14:33 |
2022-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199967
|
3.3 |
LOW
Local
|
ibm
netapp
|
cognos_analytics
oncommand_insight
|
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information.
|
CWE-200
Information Exposure
|
CVE-2020-4951
|
2024-11-21 14:33 |
2021-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199968
|
6.5 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain sensitive information due to improper permission control. IBM X-Force ID: 186090.
|
NVD-CWE-Other
|
CVE-2020-4654
|
2024-11-21 14:33 |
2021-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199969
|
4.3 |
MEDIUM
Network
|
ibm
|
edge_application_manager
|
IBM Edge 4.2 could reveal sensitive version information about the server from error pages that could aid an attacker in further attacks against the system. IBM X-Force ID: 191941.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-4941
|
2024-11-21 14:33 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199970
|
3.3 |
LOW
Local
|
ibm
|
edge_application_manager
|
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189633.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4809
|
2024-11-21 14:33 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
