|
197161
|
4.3 |
MEDIUM
Network
|
ibm
|
edge_application_manager
|
IBM Edge 4.2 could reveal sensitive version information about the server from error pages that could aid an attacker in further attacks against the system. IBM X-Force ID: 191941.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-4941
|
2024-11-21 14:33 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197162
|
3.3 |
LOW
Local
|
ibm
|
edge_application_manager
|
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189633.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4809
|
2024-11-21 14:33 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197163
|
3.3 |
LOW
Local
|
ibm
|
edge_application_manager
|
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189539.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4805
|
2024-11-21 14:33 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197164
|
3.3 |
LOW
Local
|
ibm
|
edge_application_manager
|
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189535.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4803
|
2024-11-21 14:33 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197165
|
9.8 |
CRITICAL
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.3 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, o…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-4690
|
2024-11-21 14:33 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197166
|
6.5 |
MEDIUM
Network
|
ibm
|
datapower_gateway
|
IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.16 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user th…
|
CWE-352
Origin Validation Error
|
CVE-2020-4992
|
2024-11-21 14:33 |
2021-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197167
|
5.4 |
MEDIUM
Network
|
ibm
|
api_connect
|
IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote atta…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4706
|
2024-11-21 14:33 |
2021-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197168
|
5.4 |
MEDIUM
Network
|
ibm
|
api_connect
|
IBM API Connect 5.0.0.0 through 5.0.8.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionali…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4707
|
2024-11-21 14:33 |
2021-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197169
|
8.8 |
HIGH
Network
|
dell
|
emc_isilon_onefs
emc_powerscale_onefs
|
The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacke…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-5353
|
2024-11-21 14:33 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197170
|
6.1 |
MEDIUM
Network
|
dell
|
emc_avamar_server
|
Dell EMC Avamar Server contains an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the vi…
|
CWE-601
Open Redirect
|
CVE-2020-5329
|
2024-11-21 14:33 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
