|
197161
|
6.5 |
MEDIUM
Network
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. IBM X-Force…
|
CWE-862
Missing Authorization
|
CVE-2020-4348
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197162
|
7.5 |
HIGH
Network
|
ibm
|
mobilefirst_platform_foundation
|
IBM MobileFirst Platform Foundation 8.0.0.0 stores highly sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server l…
|
CWE-200
Information Exposure
|
CVE-2020-4226
|
2024-11-21 14:32 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197163
|
8.8 |
HIGH
Network
|
vmware
|
vcloud_director
|
VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 do not properly handle input leading to a code injection vulnerability. An aut…
|
CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
|
CVE-2020-3956
|
2024-11-21 14:32 |
2020-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197164
|
6.5 |
MEDIUM
Network
|
ibm
|
security_access_manager
|
IBM Security Access Manager Appliance 9.0.7.1 could allow an authenticated user to bypass security by allowing id_token claims manipulation without verification. IBM X-Force ID: 181481.
|
NVD-CWE-noinfo
|
CVE-2020-4461
|
2024-11-21 14:32 |
2020-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197165
|
5.3 |
MEDIUM
Network
|
ibm
|
spectrum_scale
|
The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service security vulnerability. An attacker can force the Spectrum Scale mmfsd…
|
NVD-CWE-noinfo
|
CVE-2020-4412
|
2024-11-21 14:32 |
2020-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197166
|
7.1 |
HIGH
Local
|
ibm
|
spectrum_scale
|
The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cau…
|
CWE-20
Improper Input Validation
|
CVE-2020-4411
|
2024-11-21 14:32 |
2020-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197167
|
5.4 |
MEDIUM
Network
|
ibm
|
infosphere_information_server
infosphere_information_server_on_cloud
|
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4298
|
2024-11-21 14:32 |
2020-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197168
|
6.5 |
MEDIUM
Network
|
ibm
|
infosphere_information_server
infosphere_information_server_on_cloud
|
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user …
|
CWE-352
Origin Validation Error
|
CVE-2020-4286
|
2024-11-21 14:32 |
2020-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197169
|
3.3 |
LOW
Local
|
ibm
|
i
|
IBM i 7.2, 7.3, and 7.4 users running complex SQL statements under a specific set of circumstances may allow a local user to obtain sensitive information that they should not have access to. IBM X-Fo…
|
CWE-89
SQL Injection
|
CVE-2020-4345
|
2024-11-21 14:32 |
2020-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197170
|
7.8 |
HIGH
Local
|
ibm
|
i2_analysts_notebook
|
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. By persuading a victim to open a specially-crafted docume…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-4468
|
2024-11-21 14:32 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
