|
201361
|
5.5 |
MEDIUM
Local
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale V5.0.0.0 through V5.0.4.3 and V4.2.0.0 through V4.2.3.21 could allow a local attacker to cause a denial of service crashing the kernel by sending a subset of ioctls on the device w…
|
CWE-88
Argument Injection
|
CVE-2020-4492
|
2024-11-21 14:32 |
2020-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201362
|
3.3 |
LOW
Local
|
ibm
|
spectrum_protect_server
|
IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted c…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2020-4591
|
2024-11-21 14:32 |
2020-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201363
|
7.5 |
HIGH
Network
|
ibm
|
spectrum_protect
|
IBM Spectrum Protect 7.1 and 8.1 could allow an attacker to cause a denial of service due ti improper validation of user-supplied input. IBM X-Force ID: 183613.
|
CWE-20
Improper Input Validation
|
CVE-2020-4559
|
2024-11-21 14:32 |
2020-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201364
|
7.2 |
HIGH
Network
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other wea…
|
CWE-269
Improper Privilege Management
|
CVE-2020-4603
|
2024-11-21 14:32 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201365
|
6.1 |
MEDIUM
Network
|
ibm
|
websphere_virtual_enterprise
websphere_application_server
|
IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured.
|
CWE-79
Cross-site Scripting
|
CVE-2020-4575
|
2024-11-21 14:32 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201366
|
5.9 |
MEDIUM
Network
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit …
|
CWE-862
Missing Authorization
|
CVE-2020-4175
|
2024-11-21 14:32 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201367
|
7.5 |
HIGH
Network
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174683.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4174
|
2024-11-21 14:32 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201368
|
5.3 |
MEDIUM
Network
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer …
|
CWE-200
Information Exposure
|
CVE-2020-4172
|
2024-11-21 14:32 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201369
|
4.3 |
MEDIUM
Network
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174407.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4171
|
2024-11-21 14:32 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201370
|
7.5 |
HIGH
Network
|
ibm
|
security_guardium_insights
|
IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174405.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4169
|
2024-11-21 14:32 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
