|
200861
|
7.5 |
HIGH
Network
|
ibm
|
data_risk_manager
|
IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184925.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4613
|
2024-11-21 14:32 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200862
|
6.5 |
MEDIUM
Network
|
ibm
|
data_risk_manager
|
IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to obtain sensitive information using a specially crafted HTTP request. IBM X-Force ID: 184924.
|
NVD-CWE-noinfo
|
CVE-2020-4612
|
2024-11-21 14:32 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200863
|
8.8 |
HIGH
Network
|
ibm
|
data_risk_manager
|
IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to bypass security and execute actions reserved for admins. IBM X-Force ID: 184922.
|
NVD-CWE-noinfo
|
CVE-2020-4611
|
2024-11-21 14:32 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200864
|
6.5 |
MEDIUM
Network
|
vmware
|
horizon_daas
|
VMware Horizon DaaS (7.x and 8.x before 8.0.1 Update 1) contains a broken authentication vulnerability due to a flaw in the way it handled the first factor authentication. Successful exploitation of …
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-3977
|
2024-11-21 14:32 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200865
|
6.5 |
MEDIUM
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticat…
|
NVD-CWE-noinfo
|
CVE-2020-4590
|
2024-11-21 14:32 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200866
|
7.5 |
HIGH
Network
|
ibm
|
datapower_gateway
|
IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a chunked transfer-encoding HTTP/2 request. IBM X-Force ID: 184441.
|
NVD-CWE-noinfo
|
CVE-2020-4581
|
2024-11-21 14:32 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200867
|
7.5 |
HIGH
Network
|
ibm
|
datapower_gateway
|
IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially crafted a JSON request with invalid characters. IBM X-Force ID: …
|
NVD-CWE-noinfo
|
CVE-2020-4580
|
2024-11-21 14:32 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200868
|
7.5 |
HIGH
Network
|
ibm
|
datapower_gateway
|
IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially crafted HTTP/2 request with invalid characters. IBM X-Force ID: …
|
NVD-CWE-noinfo
|
CVE-2020-4579
|
2024-11-21 14:32 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200869
|
4.3 |
MEDIUM
Network
|
ibm
|
business_automation_content_analyzer_on_cloud
|
IBM Business Automation Content Analyzer on Cloud 1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http://…
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-4315
|
2024-11-21 14:32 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200870
|
7.8 |
HIGH
Local
|
installbuilder
|
installbuilder
|
InstallBuilder for Qt Windows (versions prior to 20.7.0) installers look for plugins at a predictable location at initialization time, writable by non-admin users. While those plugins are not require…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2020-3979
|
2024-11-21 14:32 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
