|
199251
|
5.4 |
MEDIUM
Network
|
ibm
|
maximo_asset_management
|
IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended f…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20374
|
2024-11-21 14:46 |
2021-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199252
|
7.5 |
HIGH
Network
|
mitsubishi
|
gt27_firmware
gt25_firmware
gt23_firmware
gt21_firmware
gs21_firmware
gt_softgot2000_firmware
|
Buffer access with incorrect length value vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.38.000, GT25 model communication driver versions 01.19.000 thro…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2021-20589
|
2024-11-21 14:46 |
2021-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199253
|
5.3 |
MEDIUM
Network
|
ibm
|
cloud_pak_for_security
|
IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an u…
|
NVD-CWE-Other
|
CVE-2021-20565
|
2024-11-21 14:46 |
2021-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199254
|
5.9 |
MEDIUM
Network
|
ibm
|
cloud_pak_for_security
|
IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict T…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2021-20564
|
2024-11-21 14:46 |
2021-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199255
|
5.3 |
MEDIUM
Network
|
ibm
|
qradar_user_behavior_analytics
|
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. IBM X-Force ID: 196334.
|
CWE-863
Incorrect Authorization
|
CVE-2021-20429
|
2024-11-21 14:46 |
2021-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199256
|
7.5 |
HIGH
Network
|
ibm
|
qradar_user_behavior_analytics
|
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This informati…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2021-20393
|
2024-11-21 14:46 |
2021-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199257
|
6.1 |
MEDIUM
Network
|
ibm
|
qradar_user_behavior_analytics
|
IBM QRadar User Behavior Analytics 1.0.0 through 4.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20392
|
2024-11-21 14:46 |
2021-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199258
|
3.3 |
LOW
Local
|
ibm
|
qradar_user_behavior_analytics
|
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 195999.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2021-20391
|
2024-11-21 14:46 |
2021-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199259
|
5.4 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, …
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2021-20535
|
2024-11-21 14:46 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199260
|
7.5 |
HIGH
Local
|
qemu
debian
|
qemu
debian_linux
|
A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating the…
|
CWE-362
Race Condition
|
CVE-2021-20181
|
2024-11-21 14:46 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
