|
199191
|
6.1 |
MEDIUM
Network
|
ibm
|
planning_analytics
|
IBM Planning Analytics 2.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker co…
|
CWE-601
Open Redirect
|
CVE-2020-4653
|
2024-11-21 14:33 |
2020-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199192
|
6.5 |
MEDIUM
Network
|
ibm
|
planning_analytics
|
A vulnerability exsists in IBM Planning Analytics 2.0 whereby avatars in Planning Analytics Workspace could be modified by other users without authorization to do so. IBM X-Force ID: 186019.
|
NVD-CWE-noinfo
|
CVE-2020-4648
|
2024-11-21 14:33 |
2020-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199193
|
8.1 |
HIGH
Network
|
ibm
|
spectrum_virtualize
flashsystem_v5000_firmware
flashsystem_v7200_firmware
flashsystem_v9000_firmware
flashsystem_v9100_firmware
flashsystem_v9200_firmware
san_volume_controller_firm…
|
IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678.
|
NVD-CWE-noinfo
|
CVE-2020-4686
|
2024-11-21 14:33 |
2020-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199194
|
8.8 |
HIGH
Network
|
ibm
|
event_streams
|
IBM Event Streams 10.0.0 could allow an authenticated user to perform tasks to a schema due to improper authentication validation. IBM X-Force ID: 186233.
|
CWE-287
Improper Authentication
|
CVE-2020-4662
|
2024-11-21 14:33 |
2020-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199195
|
5.5 |
MEDIUM
Local
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 agent files, in non-default configurations, on Windows are assigned access to everyone with full control permissions, which could allow a local user to…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-4631
|
2024-11-21 14:33 |
2020-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199196
|
5.4 |
MEDIUM
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0.0 through 2.0.9.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended f…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4645
|
2024-11-21 14:33 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199197
|
5.4 |
MEDIUM
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0.0 through 2.0.9.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker c…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2020-4644
|
2024-11-21 14:33 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199198
|
7.8 |
HIGH
Local
|
sonicwall
|
netextender
|
SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. T…
|
CWE-20
Improper Input Validation
|
CVE-2020-5131
|
2024-11-21 14:33 |
2020-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199199
|
5.3 |
MEDIUM
Network
|
sonicwall
|
sonicos
|
SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n …
|
CWE-20
Improper Input Validation
|
CVE-2020-5130
|
2024-11-21 14:33 |
2020-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199200
|
6.5 |
MEDIUM
Network
|
traccar
|
traccar
|
Traccar GPS Tracking System before version 4.9 has a LDAP injection vulnerability. It occurs when user input is being used in LDAP search filter. By providing specially crafted input, an attacker can…
|
CWE-74
Injection
|
CVE-2020-5246
|
2024-11-21 14:33 |
2020-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
