|
202241
|
4.3 |
MEDIUM
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter ch…
|
NVD-CWE-noinfo
|
CVE-2020-4329
|
2024-11-21 14:32 |
2020-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202242
|
6.5 |
MEDIUM
Network
|
ibm
|
mq
mq_appliance
|
IBM MQ and MQ Appliance 8.0, 9.1 LTS, and 9.1 CD could allow an authenticated user cause a denial of service due to a memory leak. IBM X-Force ID: 175840.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-4267
|
2024-11-21 14:32 |
2020-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202243
|
9.8 |
CRITICAL
Network
|
ibm
|
spectrum_protect
|
IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker to execute arbitrary code on the system …
|
CWE-20
CWE-787
Improper Input Validation
Out-of-bounds Write
|
CVE-2020-4415
|
2024-11-21 14:32 |
2020-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202244
|
4.6 |
MEDIUM
Physics
|
ibm
|
maas360
|
IBM MaaS360 6.82 could allow a user with pysical access to the device to crash the application which may enable the user to access restricted applications and device settings. IBM X-Force ID: 178505.
|
NVD-CWE-noinfo
|
CVE-2020-4353
|
2024-11-21 14:32 |
2020-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202245
|
7.0 |
HIGH
Local
|
ibm
|
tivoli_monitoring
|
IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL f…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-4311
|
2024-11-21 14:32 |
2020-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202246
|
8.8 |
HIGH
Network
|
ibm
|
urbancode_deploy
|
IBM UrbanCode Deploy (UCD) 7.0.3.0 and 7.0.4.0 could allow an authenticated user to impersonate another user if the server is configured to enable Distributed Front End (DFE). IBM X-Force ID: 174955.
|
NVD-CWE-noinfo
|
CVE-2020-4202
|
2024-11-21 14:32 |
2020-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202247
|
6.5 |
MEDIUM
Network
|
hcltech
|
connections
|
"HCL Connections is vulnerable to possible information leakage and could disclose sensitive information via stack trace to a local user."
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-4085
|
2024-11-21 14:32 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202248
|
7.5 |
HIGH
Network
|
vmware
|
installbuilder
|
InstallBuilder AutoUpdate tool and regular installers enabling <checkForUpdates> built with versions earlier than 19.11 are vulnerable to Billion laughs attack (denial-of-service).
|
CWE-776
XML Entity Expansion
|
CVE-2020-3946
|
2024-11-21 14:32 |
2020-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202249
|
7.5 |
HIGH
Network
|
ibm
|
tririga_application_platform
|
IBM TRIRIGA Application Platform 3.5.3 and 3.6.1 discloses sensitive information in error messages that could aid an attacker formulate future attacks. IBM X-Force ID: 175993.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-4277
|
2024-11-21 14:32 |
2020-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202250
|
7.3 |
HIGH
Network
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could be subject to attacks based on privilege escalation due to inappropriate file permissions for files used by WebSphere Application Server N…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-4347
|
2024-11-21 14:32 |
2020-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
