|
197621
|
6.5 |
MEDIUM
Network
|
ibm
netapp
|
cognos_analytics
oncommand_insight
|
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that th…
|
CWE-352
Origin Validation Error
|
CVE-2020-4301
|
2024-11-21 14:32 |
2022-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197622
|
7.5 |
HIGH
Network
|
ibm
|
qradar_network_security
|
IBM QRadar Network Security 5.4.0 and 5.5.0 discloses sensitive information to unauthorized users which could be used to mount further attacks against the system. IBM X-Force ID: 174339.
|
CWE-200
Information Exposure
|
CVE-2020-4159
|
2024-11-21 14:32 |
2022-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197623
|
7.5 |
HIGH
Network
|
ibm
|
qradar_network_security
|
IBM QRadar Network Security 5.4.0 and 5.5.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to exter…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-4157
|
2024-11-21 14:32 |
2022-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197624
|
9.8 |
CRITICAL
Network
|
ibm
|
security_siteprotector_system
|
IBM SiteProtector Appliance 3.1.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external compon…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-4150
|
2024-11-21 14:32 |
2022-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197625
|
5.5 |
MEDIUM
Local
|
ibm
|
security_siteprotector_system
|
IBM SiteProtector Appliance 3.1.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174049.
|
NVD-CWE-noinfo
|
CVE-2020-4138
|
2024-11-21 14:32 |
2022-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197626
|
7.8 |
HIGH
Local
|
hcltech
|
domino
|
HCL Domino is affected by an Insufficient Access Control vulnerability. An authenticated attacker with local access to the system could exploit this vulnerability to attain escalation of privileges, …
|
NVD-CWE-Other
|
CVE-2020-4107
|
2024-11-21 14:32 |
2022-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197627
|
5.9 |
MEDIUM
Network
|
ibm
|
spectrum_protect_plus
|
The IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x server connection to an IBM Spectrum Protect Plus workload agent is subject to a man-in-the-middle attack due to improper certificate validatio…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-4496
|
2024-11-21 14:32 |
2021-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197628
|
5.3 |
MEDIUM
Network
|
ibm
|
security_siteprotector_system
|
IBM Security SiteProtector System 3.1.1 could allow a remote attacker to obtain sensitive information, caused by missing 'HttpOnly' flag. A remote attacker could exploit this vulnerability to obtain …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-4146
|
2024-11-21 14:32 |
2021-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197629
|
5.4 |
MEDIUM
Network
|
ibm
|
security_siteprotector_system
|
IBM Security SiteProtector System 3.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionalit…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4140
|
2024-11-21 14:32 |
2021-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197630
|
5.9 |
MEDIUM
Network
|
ibm
|
qradar_network_security
|
IBM QRadar Network Security 5.4.0 and 5.5.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could e…
|
NVD-CWE-Other
|
CVE-2020-4160
|
2024-11-21 14:32 |
2021-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
