|
195601
|
7.8 |
HIGH
Local
|
oracle
|
openjdk
|
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and e…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2021-20264
|
2024-11-21 14:46 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195602
|
9.8 |
CRITICAL
Network
|
ibm
|
cloud_pak_for_security
|
IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 could allow an attacker to perform unauthorized actions due to improper or missing authentication controls. IBM X-Force ID: 19…
|
CWE-287
Improper Authentication
|
CVE-2021-20578
|
2024-11-21 14:46 |
2021-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195603
|
6.1 |
MEDIUM
Network
|
ibm
|
sterling_order_management
|
IBM Sterling Order Management 9.4, 9.5, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fun…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20554
|
2024-11-21 14:46 |
2021-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195604
|
4.4 |
MEDIUM
Local
|
linux
debian
|
linux_kernel
debian_linux
|
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special us…
|
-
|
CVE-2021-20317
|
2024-11-21 14:46 |
2021-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195605
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote authenciated user to obtain sensitive information. By sending a specially crafted request, the user could disclose a valid filep…
|
NVD-CWE-noinfo
|
CVE-2021-20563
|
2024-11-21 14:46 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195606
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information co…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2021-20485
|
2024-11-21 14:46 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195607
|
5.4 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fu…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20484
|
2024-11-21 14:46 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195608
|
5.5 |
MEDIUM
Local
|
ibm
|
security_verify_bridge
|
IBM Security Verify Bridge 1.0.5.0 does not properly validate a certificate which could allow a local attacker to obtain sensitive information that could aid in further attacks against the system. IB…
|
CWE-295
Improper Certificate Validation
|
CVE-2021-20435
|
2024-11-21 14:46 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195609
|
4.4 |
MEDIUM
Local
|
ibm
|
security_verify_bridge
|
IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 196346.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2021-20434
|
2024-11-21 14:46 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195610
|
2.7 |
LOW
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further …
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2021-20377
|
2024-11-21 14:46 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
