|
196691
|
7.8 |
HIGH
Local
|
ibm
|
filenet_content_manager
|
IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file con…
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2020-4759
|
2024-11-21 14:33 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196692
|
4.8 |
MEDIUM
Adjacent
|
ibm
|
maximo_spatial_asset_management
|
IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions tran…
|
CWE-352
Origin Validation Error
|
CVE-2020-4651
|
2024-11-21 14:33 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196693
|
3.3 |
LOW
Local
|
ibm
|
maximo_spatial_asset_management
|
IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 186023.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4650
|
2024-11-21 14:33 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196694
|
5.4 |
MEDIUM
Network
|
ibm
|
app_connect_enterprise_certified_container
|
IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malic…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2020-4785
|
2024-11-21 14:33 |
2020-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196695
|
4.3 |
MEDIUM
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace 57 could expose data to non-privleged users by not invalidating TM1Web user sessions. IBM X-Force ID: 186022.
|
CWE-200
Information Exposure
|
CVE-2020-4649
|
2024-11-21 14:33 |
2020-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196696
|
4.3 |
MEDIUM
Adjacent
|
ibm
|
resilient_security_orchestration_automation_and_response
|
IBM Resilient SOAR V38.0 could allow an attacker on the internal net work to provide the server with a spoofed source IP address. IBM X-Force ID: 190567.
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2020-4864
|
2024-11-21 14:33 |
2020-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196697
|
7.8 |
HIGH
Local
|
ibm
|
i2_analysts_notebook
|
IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, a…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-4724
|
2024-11-21 14:33 |
2020-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196698
|
7.8 |
HIGH
Local
|
ibm
|
i2_analysts_notebook
|
IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, a…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-4723
|
2024-11-21 14:33 |
2020-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196699
|
7.8 |
HIGH
Local
|
ibm
|
i2_analysts_notebook
|
IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, a…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-4722
|
2024-11-21 14:33 |
2020-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196700
|
7.8 |
HIGH
Local
|
ibm
|
i2_analysts_notebook
|
IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, a…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-4721
|
2024-11-21 14:33 |
2020-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
