|
200761
|
9.8 |
CRITICAL
Network
|
ibm
|
security_siteprotector_system
|
IBM SiteProtector Appliance 3.1.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external compon…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-4150
|
2024-11-21 14:32 |
2022-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200762
|
5.5 |
MEDIUM
Local
|
ibm
|
security_siteprotector_system
|
IBM SiteProtector Appliance 3.1.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174049.
|
NVD-CWE-noinfo
|
CVE-2020-4138
|
2024-11-21 14:32 |
2022-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200763
|
7.8 |
HIGH
Local
|
hcltech
|
domino
|
HCL Domino is affected by an Insufficient Access Control vulnerability. An authenticated attacker with local access to the system could exploit this vulnerability to attain escalation of privileges, …
|
NVD-CWE-Other
|
CVE-2020-4107
|
2024-11-21 14:32 |
2022-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200764
|
5.9 |
MEDIUM
Network
|
ibm
|
spectrum_protect_plus
|
The IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x server connection to an IBM Spectrum Protect Plus workload agent is subject to a man-in-the-middle attack due to improper certificate validatio…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-4496
|
2024-11-21 14:32 |
2021-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200765
|
5.3 |
MEDIUM
Network
|
ibm
|
security_siteprotector_system
|
IBM Security SiteProtector System 3.1.1 could allow a remote attacker to obtain sensitive information, caused by missing 'HttpOnly' flag. A remote attacker could exploit this vulnerability to obtain …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-4146
|
2024-11-21 14:32 |
2021-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200766
|
5.4 |
MEDIUM
Network
|
ibm
|
security_siteprotector_system
|
IBM Security SiteProtector System 3.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionalit…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4140
|
2024-11-21 14:32 |
2021-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200767
|
5.9 |
MEDIUM
Network
|
ibm
|
qradar_network_security
|
IBM QRadar Network Security 5.4.0 and 5.5.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could e…
|
NVD-CWE-Other
|
CVE-2020-4160
|
2024-11-21 14:32 |
2021-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200768
|
5.4 |
MEDIUM
Network
|
ibm
|
qradar_network_security
|
IBM QRadar Network Security 5.4.0 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended function…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4153
|
2024-11-21 14:32 |
2021-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200769
|
5.9 |
MEDIUM
Network
|
ibm
|
qradar_network_security
|
IBM QRadar Network Security 5.4.0 and 5.5.0 transmits sensitive or security-critical data in cleartext in a communication channel that can be obtained using man in the middle techniques. IBM X-Force …
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-4152
|
2024-11-21 14:32 |
2021-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200770
|
8.4 |
HIGH
Local
|
vmware
|
vsphere_esxi
fusion
workstation
|
VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVM…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-3960
|
2024-11-21 14:32 |
2021-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
