|
220471
|
5.4 |
MEDIUM
Network
|
ibm
|
cognos_analytics
|
IBM Cognos Analytics 11.0 and 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pot…
|
CWE-79
Cross-site Scripting
|
CVE-2019-4555
|
2024-11-21 13:43 |
2019-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220472
|
4.3 |
MEDIUM
Network
|
ibm
netapp
|
cognos_analytics
oncommand_insight
|
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website tru…
|
CWE-352
Origin Validation Error
|
CVE-2019-4231
|
2024-11-21 13:43 |
2019-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220473
|
7.5 |
HIGH
Network
|
ibm
|
api_connect
|
IBM API Connect 2018.4.1.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 168510.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2019-4609
|
2024-11-21 13:43 |
2019-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220474
|
4.8 |
MEDIUM
Network
|
hcltech
|
appscan_source
|
HCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site scripting (XSS) attacks by allowing users to embed arbitrary JavaScript code in the Web UI.
|
CWE-79
Cross-site Scripting
|
CVE-2019-4388
|
2024-11-21 13:43 |
2019-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220475
|
6.5 |
MEDIUM
Network
|
elog_project
fedoraproject
|
elog
fedora
|
ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2019-3996
|
2024-11-21 13:43 |
2019-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220476
|
7.5 |
HIGH
Network
|
elog_project
fedoraproject
|
elog
fedora
|
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. A remote unauthenticated attacker can crash the ELOG server by sending a crafted HTTP …
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-3995
|
2024-11-21 13:43 |
2019-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220477
|
7.5 |
HIGH
Network
|
elog_project
fedoraproject
|
elog
fedora
|
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free. A remote unauthenticated attacker can crash the ELOG server by sending multiple HTTP POST reques…
|
CWE-416
Use After Free
|
CVE-2019-3994
|
2024-11-21 13:43 |
2019-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220478
|
7.5 |
HIGH
Network
|
elog_project
fedoraproject
|
elog
fedora
|
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can recover a user's password hash by sending a crafted HTTP POST request.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-3993
|
2024-11-21 13:43 |
2019-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220479
|
7.5 |
HIGH
Network
|
elog_project
fedoraproject
|
elog
fedora
|
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration file by sending an HTTP GET request. Among…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-3992
|
2024-11-21 13:43 |
2019-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220480
|
6.5 |
MEDIUM
Network
|
ibm
|
mq_appliance
|
IBM MQ and IBM MQ Appliance 9.1 CD, 9.1 LTS, 9.0 LTS, and 8.0 is vulnerable to a denial of service attack caused by channels processing poorly formatted messages. IBM X-Force ID: 166357.
|
NVD-CWE-noinfo
|
CVE-2019-4560
|
2024-11-21 13:43 |
2019-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
