|
201721
|
8.6 |
HIGH
Network
|
vmware
|
vrealize_operations
|
vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) has an improper trust store configuration leading to authentication bypass. An unauthenticated remote attacker …
|
CWE-287
Improper Authentication
|
CVE-2020-3944
|
2024-11-21 14:32 |
2020-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201722
|
9.8 |
CRITICAL
Network
|
vmware
|
vrealize_operations
|
vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) uses a JMX RMI service which is not securely configured. An unauthenticated remote attacker who has network acc…
|
NVD-CWE-noinfo
|
CVE-2020-3943
|
2024-11-21 14:32 |
2020-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201723
|
6.7 |
MEDIUM
Local
|
ibm
|
db2
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 and 11.5 is vulnerable to an escalation of privilege when an authenticated local attacker with special permissions executes spec…
|
NVD-CWE-noinfo
|
CVE-2020-4230
|
2024-11-21 14:32 |
2020-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201724
|
7.8 |
HIGH
Local
|
ibm
|
db2
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local atta…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-4204
|
2024-11-21 14:32 |
2020-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201725
|
6.5 |
MEDIUM
Network
|
ibm
|
db2
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated attacker to send specially crafted commands to cause a denial of service. IBM X-For…
|
NVD-CWE-noinfo
|
CVE-2020-4200
|
2024-11-21 14:32 |
2020-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201726
|
6.5 |
MEDIUM
Network
|
ibm
|
db2
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 could allow an authenticated attacker to cause a denial of service due to incorrect handling of certain commands. IBM X-Force ID…
|
NVD-CWE-noinfo
|
CVE-2020-4161
|
2024-11-21 14:32 |
2020-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201727
|
7.5 |
HIGH
Network
|
ibm
netapp
|
db2
oncommand_insight
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service fr…
|
NVD-CWE-noinfo
|
CVE-2020-4135
|
2024-11-21 14:32 |
2020-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201728
|
7.2 |
HIGH
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, under specialized conditions, could allow an authenticated user to create a maliciously crafted file name which would be misinterpreted as jsp…
|
NVD-CWE-noinfo
|
CVE-2020-4163
|
2024-11-21 14:32 |
2020-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201729
|
6.1 |
MEDIUM
Network
|
sysjust
|
syuan-gu-da-shin
|
SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerability of Cross-Site Scripting(XSS), personal information may be leaked to attackers via the vulnerability.
|
CWE-79
Cross-site Scripting
|
CVE-2020-3939
|
2024-11-21 14:32 |
2020-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201730
|
5.5 |
MEDIUM
Local
|
ibm
|
storediq
|
IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. IBM X-Force ID: 17…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2020-4224
|
2024-11-21 14:32 |
2020-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
