|
201671
|
9.8 |
CRITICAL
Network
|
vmware
|
vcenter_server
|
Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-3952
|
2024-11-21 14:32 |
2020-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201672
|
4.3 |
MEDIUM
Network
|
ibm
|
security_information_queue
|
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could disclose sensitive information to an unauthorized user due to insufficient timeout functionality in the Web UI…
|
CWE-384
Session Fixation
|
CVE-2020-4291
|
2024-11-21 14:32 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201673
|
5.4 |
MEDIUM
Network
|
ibm
|
security_information_queue
|
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow any authenticated user to spoof the configuration owner of any other user which disclose sensitive infor…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2020-4290
|
2024-11-21 14:32 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201674
|
5.3 |
MEDIUM
Network
|
ibm
|
security_information_queue
|
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A rem…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-4289
|
2024-11-21 14:32 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201675
|
5.3 |
MEDIUM
Network
|
ibm
|
security_information_queue
|
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could disclose sensitive information to an unauthorized user due to insufficient timeout functionality in the Web UI…
|
CWE-613
Insufficient Session Expiration
|
CVE-2020-4284
|
2024-11-21 14:32 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201676
|
4.3 |
MEDIUM
Network
|
ibm
|
security_information_queue
|
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow an authenticated user to perform unauthorized actions by bypassing illegal character restrictions. X-For…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2020-4282
|
2024-11-21 14:32 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201677
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_doors_next_generation
doors_next_generation
|
IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the …
|
CWE-79
Cross-site Scripting
|
CVE-2020-4252
|
2024-11-21 14:32 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201678
|
2.7 |
LOW
Network
|
ibm
|
security_information_queue
|
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could expose sensitive information from applicatino errors which could be used in further attacks against the system…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-4164
|
2024-11-21 14:32 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201679
|
7.8 |
HIGH
Local
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 4.2 and 5.0 could allow a local unprivileged attacker with intimate knowledge of the enviornment to execute commands as root using specially crafted input. IBM X-Force ID: 175977.
|
NVD-CWE-noinfo
|
CVE-2020-4273
|
2024-11-21 14:32 |
2020-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201680
|
6.1 |
MEDIUM
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alter…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4304
|
2024-11-21 14:32 |
2020-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
