|
226291
|
7.8 |
HIGH
Local
|
ibm
|
spectrum_protect_operations_center
|
IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents could allow a local attacker to gain elevated privileges on the system, caused by loading a specially crafted library loaded by the dsmqsan…
|
NVD-CWE-noinfo
|
CVE-2019-4088
|
2024-11-21 13:43 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226292
|
9.8 |
CRITICAL
Network
|
ibm
|
spectrum_protect_operations_center
|
IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by servers and storage agents in response to specifical…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-4087
|
2024-11-21 13:43 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226293
|
5.4 |
MEDIUM
Network
|
ibm
|
business_automation_workflow
business_process_manager
|
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, and 19.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thu…
|
CWE-79
Cross-site Scripting
|
CVE-2019-4410
|
2024-11-21 13:43 |
2019-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226294
|
6.5 |
MEDIUM
Network
|
ibm
|
db2
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 could allow an authenticated user to execute a function that would cause the server to crash. IBM X-Force ID: 162714.
|
CWE-749
Exposed Dangerous Method or Function
|
CVE-2019-4386
|
2024-11-21 13:43 |
2019-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226295
|
6.7 |
MEDIUM
Local
|
ibm
|
spectrum_protect_plus
|
When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle or MongoDB databases, a redirected restore operation may result in an escalation of user privileges. IBM X-Force ID: …
|
NVD-CWE-noinfo
|
CVE-2019-4383
|
2024-11-21 13:43 |
2019-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226296
|
6.7 |
MEDIUM
Local
|
ibm
|
spectrum_protect_plus
|
When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle, DB2 or MongoDB databases, a redirected restore operation specifying a target path may allow execution of arbitrary c…
|
NVD-CWE-noinfo
|
CVE-2019-4357
|
2024-11-21 13:43 |
2019-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226297
|
5.3 |
MEDIUM
Network
|
ibm
|
robotic_process_automation_with_automation_anywhere
|
IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker to obtain sensitive information due to missing authentication in Ignite nodes. IBM X-Force ID: 161412.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-4337
|
2024-11-21 13:43 |
2019-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226298
|
9.8 |
CRITICAL
Network
|
ibm
|
robotic_process_automation_with_automation_anywhere
|
IBM Robotic Process Automation with Automation Anywhere 11 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 161411.
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2019-4336
|
2024-11-21 13:43 |
2019-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226299
|
7.8 |
HIGH
Local
|
ibm
|
db2
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-4322
|
2024-11-21 13:43 |
2019-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226300
|
5.5 |
MEDIUM
Local
|
ibm
|
robotic_process_automation_with_automation_anywhere
|
IBM Robotic Process Automation with Automation Anywhere 11 could allow a local user to obtain highly sensitive information from log files when debugging is enabled. IBM X-Force ID: 160765.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2019-4299
|
2024-11-21 13:43 |
2019-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
