|
196941
|
6.5 |
MEDIUM
Network
|
vmware
|
sd-wan_orchestrator
|
The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit …
|
CWE-89
SQL Injection
|
CVE-2020-3984
|
2024-11-21 14:32 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196942
|
9.1 |
CRITICAL
Network
|
vmware
|
identity_manager
identity_manager_connector
one_access
vrealize_suite_lifecycle_manager
cloud_foundation
|
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.
|
CWE-78
OS Command
|
CVE-2020-4006
|
2024-11-21 14:32 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196943
|
7.8 |
HIGH
Local
|
vmware
|
cloud_foundation
esxi
|
VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls…
|
NVD-CWE-noinfo
|
CVE-2020-4005
|
2024-11-21 14:32 |
2020-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196944
|
8.2 |
HIGH
Local
|
vmware
|
fusion
workstation
cloud_foundation
esxi
|
VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free v…
|
CWE-416
Use After Free
|
CVE-2020-4004
|
2024-11-21 14:32 |
2020-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196945
|
6.5 |
MEDIUM
Network
|
ibm
|
mq_appliance
|
IBM MQ Appliance 9.1.CD and LTS could allow an authenticated user, under nondefault configuration to cause a data corruption attack due to an error when using segmented messages.
|
NVD-CWE-noinfo
|
CVE-2020-4592
|
2024-11-21 14:32 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196946
|
6.5 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 stores potentially highly sensitive information in log files that could be read by an authenticated us…
|
NVD-CWE-noinfo
|
CVE-2020-4566
|
2024-11-21 14:32 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196947
|
7.5 |
HIGH
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the …
|
NVD-CWE-noinfo
|
CVE-2020-4476
|
2024-11-21 14:32 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196948
|
6.5 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message …
|
NVD-CWE-noinfo
|
CVE-2020-4475
|
2024-11-21 14:32 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196949
|
5.5 |
MEDIUM
Local
|
ibm
|
security_key_lifecycle_manager
|
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, and 4.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 184157.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-4568
|
2024-11-21 14:32 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196950
|
4.3 |
MEDIUM
Network
|
ibm
|
urbancode_deploy
|
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could disclose sensitive information to an authenticated user that could be used in further attacks against the system. IBM X-Force I…
|
NVD-CWE-noinfo
|
CVE-2020-4484
|
2024-11-21 14:32 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
