Total
455 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-5274 | 1 Sensiolabs | 1 Symfony | 2024-11-21 | 5.5 MEDIUM | 4.6 MEDIUM |
| In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the `ErrorHandler` rendered it stacktrace. In addition, the stacktrace were displayed even in a non-debug configuration. The ErrorHandler now escape alls properties of the exception, and the stacktrace is only display in debug configuration. This issue is patched in symfony/http-foundation versions 4.4.5 and 5.0.5 | |||||
| CVE-2020-5026 | 1 Ibm | 1 Financial Transaction Manager | 2024-11-21 | N/A | 4.3 MEDIUM |
| IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 193662. | |||||
| CVE-2020-4941 | 1 Ibm | 1 Edge Application Manager | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Edge 4.2 could reveal sensitive version information about the server from error pages that could aid an attacker in further attacks against the system. IBM X-Force ID: 191941. | |||||
| CVE-2020-4907 | 1 Ibm | 1 Financial Transaction Manager For Multiplatform | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. | |||||
| CVE-2020-4897 | 1 Ibm | 2 Emptoris Contract Management, Emptoris Spend Analysis | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Emptoris Contract Management and IBM Emptoris Spend Analysis 10.1.0, 10.1.1, and 10.1.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 190988. | |||||
| CVE-2020-4868 | 1 Ibm | 1 Tririga Application Platform | 2024-11-21 | N/A | 4.3 MEDIUM |
| IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 190744. | |||||
| CVE-2020-4846 | 1 Ibm | 1 Security Key Lifecycle Manager | 2024-11-21 | 4.0 MEDIUM | 2.7 LOW |
| IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 190290. | |||||
| CVE-2020-4842 | 2 Ibm, Microsoft | 2 Security Secret Server, Windows | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| IBM Security Secret Server 10.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 190046. | |||||
| CVE-2020-4761 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 188895. | |||||
| CVE-2020-4629 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local user with specialized access to obtain sensitive information from a detailed technical error message. This information could be used in further attacks against the system. IBM X-Force ID: 185370. | |||||
| CVE-2020-4628 | 1 Ibm | 1 Cloud Pak For Security | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Cloud Pak for Security (CP4S) 1.3.0.1 and 1.4.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 185369. | |||||
| CVE-2020-4600 | 2 Ibm, Linux | 2 Security Guardium Insights, Linux Kernel | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184832. | |||||
| CVE-2020-4599 | 2 Ibm, Linux | 2 Security Guardium Insights, Linux Kernel | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184824. | |||||
| CVE-2020-4584 | 1 Ibm | 1 I2 Ibase | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184574. | |||||
| CVE-2020-4572 | 1 Ibm | 1 Security Key Lifecycle Manager | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184179. | |||||
| CVE-2020-4544 | 1 Ibm | 13 Collaborative Lifecycle Management, Doors Next, Engineering Insights and 10 more | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 183189. | |||||
| CVE-2020-4536 | 1 Ibm | 1 Openpages Grc Platform | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182907. | |||||
| CVE-2020-4532 | 1 Ibm | 2 Business Automation Workflow, Business Process Manager | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Business Automation Workflow and IBM Business Process Manager (IBM Business Process Manager Express 8.5.5, 8.5.6, 8.5.7, and 8.6) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182716. | |||||
| CVE-2020-4487 | 1 Ibm | 13 Collaborative Lifecycle Management, Doors Next, Engineering Insights and 10 more | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 181862. | |||||
| CVE-2020-4483 | 1 Ibm | 1 Urbancode Deploy | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 181857. | |||||