Search Results (362695 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-4258 2 Ibm, Microsoft 2 I2 Analysts Notebook, Windows 2024-11-21 7.8 High
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175637.
CVE-2020-4257 2 Ibm, Microsoft 2 I2 Analysts Notebook, Windows 2024-11-21 7.8 High
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175635.
CVE-2020-4254 1 Ibm 1 Security Guardium Big Data Intelligence 2024-11-21 7.5 High
IBM Security Guardium Big Data Intelligence 1.0 (SonarG) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 175560.
CVE-2020-4253 1 Ibm 1 Content Navigator 2024-11-21 8.8 High
IBM Content Navigator 3.0CD does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 175559.
CVE-2020-4252 1 Ibm 2 Doors Next Generation, Rational Doors Next Generation 2024-11-21 5.4 Medium
IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 175490.
CVE-2020-4251 1 Ibm 1 Api Connect 2024-11-21 5.4 Medium
IBM API Connect 5.0.0.0 through 5.0.8.8 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 175489.
CVE-2020-4249 1 Ibm 1 Security Identity Governance And Intelligence 2024-11-21 6.5 Medium
IBM Security Identity Governance and Intelligence 5.2.6 could disclose highly sensitive information to other authenticated users on the sytem due to incorrect authorization. IBM X-Force ID: 175485.
CVE-2020-4248 1 Ibm 1 Security Identity Governance And Intelligence 2024-11-21 2.7 Low
IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 175484.
CVE-2020-4246 1 Ibm 1 Security Identity Governance And Intelligence 2024-11-21 7.1 High
IBM Security Identity Governance and Intelligence 5.2.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 175481.
CVE-2020-4245 1 Ibm 1 Security Identity Governance And Intelligence 2024-11-21 7.5 High
IBM Security Identity Governance and Intelligence 5.2.6 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 175423.
CVE-2020-4244 1 Ibm 1 Security Identity Governance And Intelligence 2024-11-21 5.3 Medium
IBM Security Identity Governance and Intelligence 5.2.6 could allow an unauthorized user to obtain sensitive information through user enumeration. IBM X-Force ID: 175422.
CVE-2020-4243 1 Ibm 1 Security Identity Governance And Intelligence 2024-11-21 3.7 Low
IBM Security Identity Governance and Intelligence 5.2.6 Virtual Appliance could allow a remote attacker to obtain sensitive information using man in the middle techniques due to not properly invalidating session tokens. IBM X-Force ID: 175420.
CVE-2020-4242 1 Ibm 2 Spectrum Protect Plus, Spectrum Scale 2024-11-21 8.8 High
IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 175419.
CVE-2020-4241 1 Ibm 2 Spectrum Protect Plus, Spectrum Scale 2024-11-21 8.8 High
IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 175418.
CVE-2020-4240 1 Ibm 1 Spectrum Protect Plus 2024-11-21 6.5 Medium
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to overwrite or create arbitrary files on the system. IBM X-Force ID: 175417.
CVE-2020-4239 1 Ibm 1 Tivoli Netcool\/impact 2024-11-21 5.3 Medium
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 175412.
CVE-2020-4238 1 Ibm 1 Tivoli Netcool\/impact 2024-11-21 8.8 High
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 175411.
CVE-2020-4237 1 Ibm 1 Tivoli Netcool\/impact 2024-11-21 8.8 High
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 175410.
CVE-2020-4236 1 Ibm 1 Tivoli Netcool\/impact 2024-11-21 6.5 Medium
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow an authenticated user to cause a denial of service due to improper content parsing in the project management module. IBM X-Force ID: 175409.
CVE-2020-4235 1 Ibm 1 Tivoli Netcool\/impact 2024-11-21 5.4 Medium
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 175408.