|
198151
|
7.5 |
HIGH
Network
|
ibm
|
sterling_connect\
|
IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. Bysending a specially crafted reques…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-4767
|
2024-11-21 14:33 |
2020-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198152
|
8.6 |
HIGH
Local
|
sonicwall
|
global_vpn_client
|
SonicWall Global VPN client version 4.10.4.0314 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to remote code execution in the target s…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2020-5145
|
2024-11-21 14:33 |
2020-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198153
|
7.8 |
HIGH
Local
|
sonicwall
|
global_vpn_client
|
SonicWall Global VPN client version 4.10.4.0314 and earlier allows unprivileged windows user to elevate privileges to SYSTEM through loaded process hijacking vulnerability.
|
CWE-426
Untrusted Search Path
|
CVE-2020-5144
|
2024-11-21 14:33 |
2020-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198154
|
5.5 |
MEDIUM
Local
|
ibm
|
spectrum_scale
elastic_storage_server
|
IBM Spectrum Scale V4.2.0.0 through V4.2.3.23 and V5.0.0.0 through V5.0.5.2 as well as IBM Elastic Storage System 6.0.0 through 6.0.1.0 could allow a local attacker to invoke a subset of ioctls on th…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2020-4756
|
2024-11-21 14:33 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198155
|
5.4 |
MEDIUM
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionali…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4755
|
2024-11-21 14:33 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198156
|
4.3 |
MEDIUM
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0 through 5.0.5.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a us…
|
CWE-565
Reliance on Cookies without Validation and Integrity Checking
|
CVE-2020-4749
|
2024-11-21 14:33 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198157
|
6.1 |
MEDIUM
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionali…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4748
|
2024-11-21 14:33 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198158
|
7.2 |
HIGH
Network
|
ibm
|
resilient_security_orchestration_automation_and_response
|
IBM Resilient OnPrem 38.2 could allow a privileged user to inject malicious commands through Python3 scripting. IBM X-Force ID: 185503.
|
CWE-77
Command Injection
|
CVE-2020-4636
|
2024-11-21 14:33 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198159
|
5.4 |
MEDIUM
Network
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4741
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198160
|
5.2 |
MEDIUM
Adjacent
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser w…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4740
|
2024-11-21 14:33 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
