|
196681
|
5.4 |
MEDIUM
Network
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4997
|
2024-11-21 14:33 |
2021-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196682
|
5.4 |
MEDIUM
Network
|
ibm
|
edge_application_manager
|
IBM Edge 4.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cr…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4792
|
2024-11-21 14:33 |
2021-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196683
|
5.5 |
MEDIUM
Local
|
ibm
|
urbancode_deploy
|
IBM UrbanCode Deploy (UCD) 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2, stores keystore passwords in plain text after a manual edit, which can be read by a local user. …
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2020-4944
|
2024-11-21 14:33 |
2021-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196684
|
5.5 |
MEDIUM
Local
|
ibm
|
urbancode_deploy
|
IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 190908.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2020-4884
|
2024-11-21 14:33 |
2021-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196685
|
5.4 |
MEDIUM
Network
|
ibm
|
urbancode_deploy
|
IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. IBM X-Force ID: 19029…
|
NVD-CWE-noinfo
|
CVE-2020-4848
|
2024-11-21 14:33 |
2021-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196686
|
7.5 |
HIGH
Network
|
ibm
|
elastic_storage_server
elastic_storage_system
|
IBM Elastic Storage System 6.0.0 through 6.0.1.2 and IBM Elastic Storage Server 5.3.0 through 5.3.6.2 could allow a remote attacker to cause a denial of service by sending malformed UDP requests. IBM…
|
NVD-CWE-noinfo
|
CVE-2020-5015
|
2024-11-21 14:33 |
2021-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196687
|
6.1 |
MEDIUM
Network
|
ibm
|
planning_analytics
|
IBM Planning Analytics 2.0 could be vulnerable to a Server-Side Request Forgery (SSRF) attack by constucting URLs from user-controlled data . This could enable attackers to make arbitrary requests to…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-4882
|
2024-11-21 14:33 |
2021-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196688
|
5.3 |
MEDIUM
Network
|
ibm
|
soar
|
IBM Resilient SOAR 40 and earlier could disclose sensitive information by allowing a user to enumerate usernames.
|
NVD-CWE-noinfo
|
CVE-2020-4635
|
2024-11-21 14:33 |
2021-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196689
|
5.5 |
MEDIUM
Local
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 uses an inadequate account lockout setting that could allow a local user er to brute force Rest API account credentials. IBM X-Force…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2020-4891
|
2024-11-21 14:33 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196690
|
4.4 |
MEDIUM
Local
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user with a valid role to the REST API to cause a denial of service due to weak or absense of rate limiting. IBM…
|
NVD-CWE-Other
|
CVE-2020-4890
|
2024-11-21 14:33 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
