|
196661
|
8.8 |
HIGH
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in …
|
CWE-89
SQL Injection
|
CVE-2020-4990
|
2024-11-21 14:33 |
2021-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196662
|
7.5 |
HIGH
Network
|
ibm
|
gpfs.tct.server
|
IBM Spectrum Scale 1.1.1.0 through 1.1.8.4 Transparent Cloud Tiering could allow a remote attacker to obtain sensitive information, caused by the leftover files after configuration. IBM X-Force ID: 1…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2020-4850
|
2024-11-21 14:33 |
2021-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196663
|
3.3 |
LOW
Local
|
ibm
|
cloud_pak_for_multicloud_management
|
IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 188902.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4765
|
2024-11-21 14:33 |
2021-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196664
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5, 6.0.0.0 through 6.0.3.3, and 6.1.0.0 through 6.1.0.2 could allow an authenticated user to view pages they shoiuld not have access…
|
NVD-CWE-Other
|
CVE-2020-4646
|
2024-11-21 14:33 |
2021-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196665
|
9.1 |
CRITICAL
Network
|
ibm
|
planning_analytics_local
planning_analytics_cloud
|
IBM Planning Analytics Local 2.0 connects to a Redis server. The Redis server, an in-memory data structure store, running on the remote host is not protected by password authentication. A remote atta…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-4670
|
2024-11-21 14:33 |
2021-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196666
|
9.1 |
CRITICAL
Network
|
ibm
|
planning_analytics_local
planning_analytics_cloud
|
IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without passwor…
|
CWE-862
Missing Authorization
|
CVE-2020-4669
|
2024-11-21 14:33 |
2021-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196667
|
7.5 |
HIGH
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0 could allow an attacker to obtain sensitive information due to accepting body parameters in a query. IBM X-Force ID: 192642.
|
NVD-CWE-noinfo
|
CVE-2020-4985
|
2024-11-21 14:33 |
2021-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196668
|
2.4 |
LOW
Network
|
ibm
|
cloud_pak_for_security
|
IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to inject inject malicious data using a specially crafted HTTP request due to improper …
|
CWE-20
Improper Input Validation
|
CVE-2020-4811
|
2024-11-21 14:33 |
2021-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196669
|
6.5 |
MEDIUM
Network
|
ibm
|
robotic_process_automation_with_automation_anywhere
|
IBM Robotic Process Automation with Automation Anywhere 11.0 could allow an attacker on the network to obtain sensitive information or cause a denial of service through username enumeration. IBM X-Fo…
|
NVD-CWE-noinfo
|
CVE-2020-4901
|
2024-11-21 14:33 |
2021-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196670
|
8.1 |
HIGH
Network
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar SIEM 7.3 and 7.4 may vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information…
|
CWE-611
XXE
|
CVE-2020-5013
|
2024-11-21 14:33 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
