|
196721
|
5.3 |
MEDIUM
Adjacent
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to obtain sensitive information using main in the middle attacks due to improper certificate validation. IBM X-Force ID…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-4791
|
2024-11-21 14:33 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196722
|
6.5 |
MEDIUM
Adjacent
|
ibm
|
security_identity_governance_and_intelligence
|
IBM Security Identity Governance and Intelligence 5.2.6 could allow a user to cause a denial of service due to improperly validating a supplied URL, rendering the application unusuable. IBM X-Force I…
|
CWE-20
Improper Input Validation
|
CVE-2020-4790
|
2024-11-21 14:33 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196723
|
5.5 |
MEDIUM
Local
|
ibm
|
powerha
|
IBM PowerHA 7.2 could allow a local attacker to obtain sensitive information from temporary directories after a discovery failure occurs. IBM X-Force ID: 189969.
|
NVD-CWE-noinfo
|
CVE-2020-4832
|
2024-11-21 14:33 |
2021-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196724
|
4.3 |
MEDIUM
Adjacent
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar SIEM 7.3 and 7.4 in some configurations may be vulnerable to a temporary denial of service attack when sent particular payloads. IBM X-Force ID: 194178.
|
NVD-CWE-noinfo
|
CVE-2020-5032
|
2024-11-21 14:33 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196725
|
6.5 |
MEDIUM
Network
|
ibm
|
api_connect
|
IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to web cache poisoning, caused by improper input validation by modifying HTTP request headers. IBM X-Force I…
|
CWE-20
Improper Input Validation
|
CVE-2020-4828
|
2024-11-21 14:33 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196726
|
4.3 |
MEDIUM
Network
|
ibm
|
api_connect
|
IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions tr…
|
CWE-352
Origin Validation Error
|
CVE-2020-4827
|
2024-11-21 14:33 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196727
|
4.3 |
MEDIUM
Network
|
ibm
|
api_connect
|
IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions tr…
|
CWE-352
Origin Validation Error
|
CVE-2020-4826
|
2024-11-21 14:33 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196728
|
5.4 |
MEDIUM
Network
|
ibm
|
api_connect
|
IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI th…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4825
|
2024-11-21 14:33 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196729
|
4.1 |
MEDIUM
Adjacent
|
ibm
|
api_connect
|
Certain IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 configurations can result in sensitive information in the URL fragment identifiers. This information can be cached…
|
CWE-200
Information Exposure
|
CVE-2020-4640
|
2024-11-21 14:33 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196730
|
4.3 |
MEDIUM
Network
|
ibm
|
content_navigator
|
IBM Content Navigator 3.0.CD could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view …
|
CWE-22
Path Traversal
|
CVE-2020-4934
|
2024-11-21 14:33 |
2021-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
