|
197291
|
5.5 |
MEDIUM
Local
|
ibm
|
aix
vios
|
IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to exploit a vulnerability in the gencore user command to create arbitrary files in any directory. IBM X-Force ID: 190911.
|
NVD-CWE-noinfo
|
CVE-2020-4887
|
2024-11-21 14:33 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197292
|
7.8 |
HIGH
Local
|
ibm
|
security_guardium
|
IBM Security Guardium 10.6 and 11.2 could allow a local attacker to execute arbitrary commands on the system as an unprivileged user, caused by command injection vulnerability. IBM X-Force ID: 186700.
|
CWE-77
Command Injection
|
CVE-2020-4688
|
2024-11-21 14:33 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197293
|
7.5 |
HIGH
Network
|
ibm
|
planning_analytics
|
IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the lack of server hostname verification for SSL/TLS communication. By sending a specially-crafted …
|
CWE-346
Origin Validation Error
|
CVE-2020-4881
|
2024-11-21 14:33 |
2021-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197294
|
5.3 |
MEDIUM
Network
|
ibm
|
planning_analytics
|
IBM Planning Analytics 2.0 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. IBM X-Force ID: 190836.
|
CWE-863
Incorrect Authorization
|
CVE-2020-4873
|
2024-11-21 14:33 |
2021-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197295
|
5.5 |
MEDIUM
Local
|
ibm
|
planning_analytics
|
IBM Planning Analytics 2.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 190834.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4871
|
2024-11-21 14:33 |
2021-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197296
|
5.4 |
MEDIUM
Network
|
ibm
|
api_connect
|
IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended func…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4838
|
2024-11-21 14:33 |
2021-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197297
|
4.3 |
MEDIUM
Network
|
ibm
|
workload_automation
|
IBM Workload Automation 9.5 stores the server path in URLs that could aid in further attacks against the system. IBM X-Force ID: 186287.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4674
|
2024-11-21 14:33 |
2021-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197298
|
4.3 |
MEDIUM
Network
|
ibm
|
workload_automation
|
IBM Workload Automation 9.5 stores sensitive information in HTML comments that could aid in further attacks against the system. IBM X-Force ID: 186286.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4673
|
2024-11-21 14:33 |
2021-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197299
|
6.5 |
MEDIUM
Network
|
ibm
|
mq_appliance
|
IBM MQ Appliance 9.2 CD and 9.2 LTS is vulnerable to a denial of service, caused by a buffer overflow. A remote attacker could send a specially crafted SNMP query to cause the appliance to reload. IB…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-4869
|
2024-11-21 14:33 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197300
|
5.3 |
MEDIUM
Local
|
sonicwall
|
netextender
|
SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to gain elevated privileges in the host operating system. This vulnerability impac…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2020-5147
|
2024-11-21 14:33 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
