|
200271
|
6.5 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to intercept and replace a message sent by another user due to improper access controls. IBM X-Force ID: 195567.
|
NVD-CWE-Other
|
CVE-2021-20375
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200272
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote authenticated user to cause a denial of another user's service due to insufficient permission checking. IBM X-Force ID: 195518.
|
NVD-CWE-Other
|
CVE-2021-20372
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200273
|
7.8 |
HIGH
Local
|
oracle
|
openjdk
|
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and e…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2021-20264
|
2024-11-21 14:46 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200274
|
9.8 |
CRITICAL
Network
|
ibm
|
cloud_pak_for_security
|
IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 could allow an attacker to perform unauthorized actions due to improper or missing authentication controls. IBM X-Force ID: 19…
|
CWE-287
Improper Authentication
|
CVE-2021-20578
|
2024-11-21 14:46 |
2021-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200275
|
6.1 |
MEDIUM
Network
|
ibm
|
sterling_order_management
|
IBM Sterling Order Management 9.4, 9.5, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fun…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20554
|
2024-11-21 14:46 |
2021-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200276
|
4.4 |
MEDIUM
Local
|
linux
debian
|
linux_kernel
debian_linux
|
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special us…
|
-
|
CVE-2021-20317
|
2024-11-21 14:46 |
2021-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200277
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote authenciated user to obtain sensitive information. By sending a specially crafted request, the user could disclose a valid filep…
|
NVD-CWE-noinfo
|
CVE-2021-20563
|
2024-11-21 14:46 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200278
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information co…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2021-20485
|
2024-11-21 14:46 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200279
|
5.4 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fu…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20484
|
2024-11-21 14:46 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200280
|
5.5 |
MEDIUM
Local
|
ibm
|
security_verify_bridge
|
IBM Security Verify Bridge 1.0.5.0 does not properly validate a certificate which could allow a local attacker to obtain sensitive information that could aid in further attacks against the system. IB…
|
CWE-295
Improper Certificate Validation
|
CVE-2021-20435
|
2024-11-21 14:46 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
