|
197141
|
5.5 |
MEDIUM
Local
|
vmware
|
workstation
fusion
esxi
|
VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.5.2) and VMware Fusion (11.x before 11.5.2) contain a denial-of-service vulnerabi…
|
CWE-617
Reachable Assertion
|
CVE-2020-3958
|
2024-11-21 14:32 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197142
|
7.0 |
HIGH
Local
|
vmware
|
fusion
horizon_client
remote_console
|
VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-o…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2020-3957
|
2024-11-21 14:32 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197143
|
6.1 |
MEDIUM
Network
|
ibm
|
business_process_manager
business_automation_workflow
|
IBM Business Automation Workflow 18 and 19, and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An a…
|
NVD-CWE-Other
|
CVE-2020-4490
|
2024-11-21 14:32 |
2020-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197144
|
7.0 |
HIGH
Local
|
ibm
|
mq_for_hpe_nonstop
|
IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when running in restricted mode. IBM X-Force ID: 178427.
|
NVD-CWE-noinfo
|
CVE-2020-4352
|
2024-11-21 14:32 |
2020-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197145
|
5.4 |
MEDIUM
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0.0 through 2.0.9 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fun…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4306
|
2024-11-21 14:32 |
2020-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197146
|
2.7 |
LOW
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This informat…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-4248
|
2024-11-21 14:32 |
2020-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197147
|
5.4 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended f…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4419
|
2024-11-21 14:32 |
2020-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197148
|
6.5 |
MEDIUM
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 could disclose highly sensitive information to other authenticated users on the sytem due to incorrect authorization. IBM X-Force ID: 175485.
|
CWE-863
Incorrect Authorization
|
CVE-2020-4249
|
2024-11-21 14:32 |
2020-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197149
|
7.1 |
HIGH
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to …
|
CWE-611
XXE
|
CVE-2020-4246
|
2024-11-21 14:32 |
2020-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197150
|
7.5 |
HIGH
Network
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-For…
|
CWE-521
Weak Password Requirements
|
CVE-2020-4245
|
2024-11-21 14:32 |
2020-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
