|
196751
|
7.8 |
HIGH
Local
|
ibm
|
spectrum_lsf
spectrum_lsf_suite
|
IBM Spectrum LSF 10.1 and IBM Spectrum LSF Suite 10.2 could allow a user on the local network who has privileges to submit LSF jobs to execute arbitrary commands. IBM X-Force ID: 192586.
|
CWE-287
CWE-798
Improper Authentication
Use of Hard-coded Credentials
|
CVE-2020-4983
|
2024-11-21 14:33 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196752
|
8.8 |
HIGH
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete inform…
|
CWE-89
SQL Injection
|
CVE-2020-4921
|
2024-11-21 14:33 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196753
|
5.5 |
MEDIUM
Local
|
ibm
|
aix
vios
|
IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to exploit a vulnerability in the gencore user command to create arbitrary files in any directory. IBM X-Force ID: 190911.
|
NVD-CWE-noinfo
|
CVE-2020-4887
|
2024-11-21 14:33 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196754
|
7.8 |
HIGH
Local
|
ibm
|
security_guardium
|
IBM Security Guardium 10.6 and 11.2 could allow a local attacker to execute arbitrary commands on the system as an unprivileged user, caused by command injection vulnerability. IBM X-Force ID: 186700.
|
CWE-77
Command Injection
|
CVE-2020-4688
|
2024-11-21 14:33 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196755
|
7.5 |
HIGH
Network
|
ibm
|
planning_analytics
|
IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the lack of server hostname verification for SSL/TLS communication. By sending a specially-crafted …
|
CWE-346
Origin Validation Error
|
CVE-2020-4881
|
2024-11-21 14:33 |
2021-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196756
|
5.3 |
MEDIUM
Network
|
ibm
|
planning_analytics
|
IBM Planning Analytics 2.0 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. IBM X-Force ID: 190836.
|
CWE-863
Incorrect Authorization
|
CVE-2020-4873
|
2024-11-21 14:33 |
2021-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196757
|
5.5 |
MEDIUM
Local
|
ibm
|
planning_analytics
|
IBM Planning Analytics 2.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 190834.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4871
|
2024-11-21 14:33 |
2021-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196758
|
5.4 |
MEDIUM
Network
|
ibm
|
api_connect
|
IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended func…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4838
|
2024-11-21 14:33 |
2021-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196759
|
4.3 |
MEDIUM
Network
|
ibm
|
workload_automation
|
IBM Workload Automation 9.5 stores the server path in URLs that could aid in further attacks against the system. IBM X-Force ID: 186287.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4674
|
2024-11-21 14:33 |
2021-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196760
|
4.3 |
MEDIUM
Network
|
ibm
|
workload_automation
|
IBM Workload Automation 9.5 stores sensitive information in HTML comments that could aid in further attacks against the system. IBM X-Force ID: 186286.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4673
|
2024-11-21 14:33 |
2021-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
