|
202511
|
2.4 |
LOW
Network
|
ibm
|
cloud_pak_for_security
|
IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to inject inject malicious data using a specially crafted HTTP request due to improper …
|
CWE-20
Improper Input Validation
|
CVE-2020-4811
|
2024-11-21 14:33 |
2021-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202512
|
6.5 |
MEDIUM
Network
|
ibm
|
robotic_process_automation_with_automation_anywhere
|
IBM Robotic Process Automation with Automation Anywhere 11.0 could allow an attacker on the network to obtain sensitive information or cause a denial of service through username enumeration. IBM X-Fo…
|
NVD-CWE-noinfo
|
CVE-2020-4901
|
2024-11-21 14:33 |
2021-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202513
|
8.1 |
HIGH
Network
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar SIEM 7.3 and 7.4 may vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information…
|
CWE-611
XXE
|
CVE-2020-5013
|
2024-11-21 14:33 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202514
|
4.9 |
MEDIUM
Network
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar SIEM 7.3 and 7.4 when decompressing or verifying signature of zip files processes data in a way that may be vulnerable to path traversal attacks. IBM X-Force ID: 192905.
|
CWE-22
Path Traversal
|
CVE-2020-4993
|
2024-11-21 14:33 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202515
|
9.8 |
CRITICAL
Network
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar SIEM 7.3 and 7.4 is vulnerable to insecure inter-deployment communication. An attacker that is able to comprimise or spoof traffic between hosts may be able to execute arbitrary commands. …
|
NVD-CWE-noinfo
|
CVE-2020-4979
|
2024-11-21 14:33 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202516
|
7.8 |
HIGH
Local
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-4932
|
2024-11-21 14:33 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202517
|
5.4 |
MEDIUM
Network
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentiall…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4929
|
2024-11-21 14:33 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202518
|
6.5 |
MEDIUM
Network
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar SIEM 7.3 and 7.4 could disclose sensitive information about other domains which could be used in further attacks against the system. IBM X-Force ID: 190907.
|
NVD-CWE-noinfo
|
CVE-2020-4883
|
2024-11-21 14:33 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202519
|
5.4 |
MEDIUM
Network
|
ibm
|
flashsystem_900_firmware
|
The IBM FlashSystem 900 user management GUI is vulnerable to stored cross-site scripting in code versions 1.5.2.8 and prior and 1.6.1.2 and prior. This vulnerability allows users to embed arbitrary J…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4987
|
2024-11-21 14:33 |
2021-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202520
|
6.0 |
MEDIUM
Local
|
ibm
|
spectrum_scale
|
IBM Spectrum Scale 5.0.4.1 through 5.1.0.3 could allow a local privileged user to overwrite files due to improper input validation. IBM X-Force ID: 192541.
|
CWE-20
Improper Input Validation
|
CVE-2020-4981
|
2024-11-21 14:33 |
2021-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
