|
197121
|
8.8 |
HIGH
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.1 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerabilit…
|
CWE-78
OS Command
|
CVE-2020-4180
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197122
|
9.8 |
CRITICAL
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, o…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-4177
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197123
|
5.9 |
MEDIUM
Network
|
nozbe
|
watermelondb
|
In WatermelonDB (NPM package "@nozbe/watermelondb") before versions 0.15.1 and 0.16.2, a maliciously crafted record ID can exploit a SQL Injection vulnerability in iOS adapter implementation and caus…
|
-
|
CVE-2020-4035
|
2024-11-21 14:32 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197124
|
4.3 |
MEDIUM
Network
|
atlassian
|
navigator_links
|
The CustomAppsRestResource list resource in Atlassian Navigator Links before version 3.3.23, from version 4.0.0 before version 4.3.7, from version 5.0.0 before 5.0.1, and from version 5.1.0 before 5.…
|
CWE-863
Incorrect Authorization
|
CVE-2020-4026
|
2024-11-21 14:32 |
2020-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197125
|
6.1 |
MEDIUM
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4503
|
2024-11-21 14:32 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197126
|
5.4 |
MEDIUM
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4431
|
2024-11-21 14:32 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197127
|
7.5 |
HIGH
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179001.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4367
|
2024-11-21 14:32 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197128
|
6.1 |
MEDIUM
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4366
|
2024-11-21 14:32 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197129
|
5.4 |
MEDIUM
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4360
|
2024-11-21 14:32 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197130
|
5.4 |
MEDIUM
Network
|
atlassian
|
crucible
fisheye
|
The review coverage resource in Atlassian Fisheye and Crucible before version 4.8.2 allows remote attackers to inject arbitrary HTML or Javascript via a cross site scripting (XSS) vulnerability throu…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4023
|
2024-11-21 14:32 |
2020-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
