|
196691
|
5.5 |
MEDIUM
Local
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190450.
|
CWE-74
Injection
|
CVE-2020-4851
|
2024-11-21 14:33 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196692
|
7.5 |
HIGH
Network
|
ibm
|
datapower_gateway
|
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 189965.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4831
|
2024-11-21 14:33 |
2021-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196693
|
7.8 |
HIGH
Local
|
ibm
netapp
|
db2
oncommand_insight
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 db2fm is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a loca…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-5025
|
2024-11-21 14:33 |
2021-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196694
|
7.5 |
HIGH
Network
|
ibm
netapp
|
db2
oncommand_insight
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated attacker to cause a denial of service due a hang in the SSL handshake …
|
NVD-CWE-noinfo
|
CVE-2020-5024
|
2024-11-21 14:33 |
2021-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196695
|
4.4 |
MEDIUM
Local
|
ibm
netapp
|
db2
oncommand_insight
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to read and write specific files due to weak file permissions. IBM X-Force I…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-4976
|
2024-11-21 14:33 |
2021-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196696
|
6.5 |
MEDIUM
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. When application security is disabled and JAX-RPC applications are present…
|
CWE-22
Path Traversal
|
CVE-2020-5016
|
2024-11-21 14:33 |
2021-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196697
|
5.5 |
MEDIUM
Local
|
ibm
|
spss_modeler
|
A vulnerability exists in IBM SPSS Modeler Subscription Installer that allows a user with create symbolic link permission to write arbitrary file in another protected path during product installation…
|
CWE-59
Link Following
|
CVE-2020-4717
|
2024-11-21 14:33 |
2021-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196698
|
6.7 |
MEDIUM
Local
|
ibm
|
datapower_gateway
|
IBM DataPower Gateway V10 and V2018 could allow a local attacker with administrative privileges to execute arbitrary code on the system using a server-side requesr forgery attack. IBM X-Force ID: 193…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-5014
|
2024-11-21 14:33 |
2021-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196699
|
6.5 |
MEDIUM
Network
|
ibm
|
api_connect
|
IBM API Connect V10 and V2018 could allow an attacker who has intercepted a registration invitation link to impersonate the registered user or obtain sensitive information. IBM X-Force ID: 191105.
|
NVD-CWE-noinfo
|
CVE-2020-4903
|
2024-11-21 14:33 |
2021-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196700
|
7.5 |
HIGH
Network
|
ibm
|
api_connect
|
IBM API Connect V10 is impacted by insecure communications during database replication. As the data replication happens over insecure communication channels, an attacker can view unencrypted data lea…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-4695
|
2024-11-21 14:33 |
2021-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
