|
197451
|
9.8 |
CRITICAL
Network
|
ibm
|
spectrum_protect_operations_center
|
IBM Spectrum Protect Operations Center 7.1.0.000 through 7.1.10 and 8.1.0.000 through 8.1.9 may allow an attacker to execute arbitrary code on the system, caused by improper validation of data prior …
|
CWE-20
Improper Input Validation
|
CVE-2020-4693
|
2024-11-21 14:33 |
2020-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197452
|
4.3 |
MEDIUM
Network
|
ibm
|
content_navigator
|
IBM Content Navigator 3.0.7 and 3.0.8 could allow an authenticated user to view cached content of another user that they should not have access to. IBM X-Force ID: 186679.
|
NVD-CWE-noinfo
|
CVE-2020-4687
|
2024-11-21 14:33 |
2020-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197453
|
6.1 |
MEDIUM
Network
|
ibm
|
planning_analytics
|
IBM Planning Analytics 2.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker co…
|
CWE-601
Open Redirect
|
CVE-2020-4653
|
2024-11-21 14:33 |
2020-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197454
|
6.5 |
MEDIUM
Network
|
ibm
|
planning_analytics
|
A vulnerability exsists in IBM Planning Analytics 2.0 whereby avatars in Planning Analytics Workspace could be modified by other users without authorization to do so. IBM X-Force ID: 186019.
|
NVD-CWE-noinfo
|
CVE-2020-4648
|
2024-11-21 14:33 |
2020-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197455
|
8.1 |
HIGH
Network
|
ibm
|
spectrum_virtualize
flashsystem_v5000_firmware
flashsystem_v7200_firmware
flashsystem_v9000_firmware
flashsystem_v9100_firmware
flashsystem_v9200_firmware
san_volume_controller_firm…
|
IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678.
|
NVD-CWE-noinfo
|
CVE-2020-4686
|
2024-11-21 14:33 |
2020-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197456
|
8.8 |
HIGH
Network
|
ibm
|
event_streams
|
IBM Event Streams 10.0.0 could allow an authenticated user to perform tasks to a schema due to improper authentication validation. IBM X-Force ID: 186233.
|
CWE-287
Improper Authentication
|
CVE-2020-4662
|
2024-11-21 14:33 |
2020-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197457
|
5.5 |
MEDIUM
Local
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 agent files, in non-default configurations, on Windows are assigned access to everyone with full control permissions, which could allow a local user to…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-4631
|
2024-11-21 14:33 |
2020-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197458
|
5.4 |
MEDIUM
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0.0 through 2.0.9.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended f…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4645
|
2024-11-21 14:33 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197459
|
5.4 |
MEDIUM
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0.0 through 2.0.9.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker c…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2020-4644
|
2024-11-21 14:33 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197460
|
7.8 |
HIGH
Local
|
sonicwall
|
netextender
|
SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. T…
|
CWE-20
Improper Input Validation
|
CVE-2020-5131
|
2024-11-21 14:33 |
2020-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
