Total
34517 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-4931 | 1 Ibm | 1 Mq | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM MQ 9.1 LTS, 9.2 LTS, and 9.1 CD AMQP Channels could allow an authenticated user to cause a denial of service due to an issue processing messages. IBM X-Force ID: 191747. | |||||
| CVE-2020-4927 | 1 Ibm | 1 Spectrum Scale | 2024-11-21 | N/A | 5.7 MEDIUM |
| A vulnerability in the Spectrum Scale 5.0.5.0 through 5.1.6.1 core component could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. IBM X-Force ID: 191695. | |||||
| CVE-2020-4925 | 2 Ibm, Linux | 2 Spectrum Scale, Linux Kernel | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A security vulnerability in the Spectrum Scale 5.0 and 5.1 allows a non-root user to overflow the mmfsd daemon with requests and preventing the daemon to service other requests. IBM X-Force ID: 191599. | |||||
| CVE-2020-4919 | 1 Ibm | 1 Cloud Pak System | 2024-11-21 | 5.5 MEDIUM | 3.8 LOW |
| IBM Cloud Pak System 2.3 has insufficient logout controls which could allow an authenticated privileged user to impersonate another user on the system. IBM X-Force ID: 191395. | |||||
| CVE-2020-4912 | 1 Ibm | 1 Cloud Pak System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| IBM Cloud Pak System 2.3 Self Service Console could allow a privilege escalation by capturing the user request URL when logged in as a privileged user. IBM X-Force ID: 191287. | |||||
| CVE-2020-4905 | 1 Ibm | 1 Financial Transaction Manager For Multiplatform | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an remote attacker to obtain sensitive information, caused by a man in the middle attack. By SSL striping, an attacker could exploit this vulnerability to obtain sensitive information. | |||||
| CVE-2020-4903 | 1 Ibm | 1 Api Connect | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| IBM API Connect V10 and V2018 could allow an attacker who has intercepted a registration invitation link to impersonate the registered user or obtain sensitive information. IBM X-Force ID: 191105. | |||||
| CVE-2020-4901 | 1 Ibm | 1 Robotic Process Automation With Automation Anywhere | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| IBM Robotic Process Automation with Automation Anywhere 11.0 could allow an attacker on the network to obtain sensitive information or cause a denial of service through username enumeration. IBM X-Force ID: 190992. | |||||
| CVE-2020-4889 | 2 Ibm, Linux | 2 Spectrum Scale, Linux Kernel | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190971. | |||||
| CVE-2020-4887 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to exploit a vulnerability in the gencore user command to create arbitrary files in any directory. IBM X-Force ID: 190911. | |||||
| CVE-2020-4883 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM QRadar SIEM 7.3 and 7.4 could disclose sensitive information about other domains which could be used in further attacks against the system. IBM X-Force ID: 190907. | |||||
| CVE-2020-4870 | 4 Ibm, Linux, Microsoft and 1 more | 7 Aix, I, Linux On Ibm Z and 4 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM MQ 9.2 CD and LTS are vulnerable to a denial of service attack caused by an error processing connecting applications. IBM X-Force ID: 190833. | |||||
| CVE-2020-4848 | 1 Ibm | 1 Urbancode Deploy | 2024-11-21 | 5.5 MEDIUM | 5.4 MEDIUM |
| IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. IBM X-Force ID: 190293. | |||||
| CVE-2020-4832 | 1 Ibm | 2 Aix, Powerha | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| IBM PowerHA 7.2 could allow a local attacker to obtain sensitive information from temporary directories after a discovery failure occurs. IBM X-Force ID: 189969. | |||||
| CVE-2020-4829 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in the ksu user command to gain root privileges. IBM X-Force ID: 189960. | |||||
| CVE-2020-4795 | 1 Ibm | 1 Security Identity Governance And Intelligence | 2024-11-21 | 6.4 MEDIUM | 8.2 HIGH |
| IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information to an unauthorized user using a specially crafted HTTP request. IBM X-Force ID: 189446. | |||||
| CVE-2020-4788 | 3 Fedoraproject, Ibm, Oracle | 7 Fedora, Aix, Power9 and 4 more | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296. | |||||
| CVE-2020-4763 | 1 Ibm | 1 Sterling File Gateway | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| IBM Sterling File Gateway 6.0.0.0 through 6.0.3.2 and 2.2.0.0 through 2.2.6.5 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 188897. | |||||
| CVE-2020-4732 | 1 Ibm | 9 Collaborative Lifecycle Management, Engineering Lifecycle Management, Engineering Lifecycle Optimization - Engineering Insights and 6 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to obtain sensitive information due to lack of security restrictions. IBM X-Force ID: 188126. | |||||
| CVE-2020-4729 | 1 Ibm | 1 Safer Payments | 2024-11-21 | N/A | 5.3 MEDIUM |
| IBM Counter Fraud Management for Safer Payments 5.7.0.00 through 5.7.0.10, 6.0.0.00 through 6.0.0.07, 6.1.0.00 through 6.1.0.05, and 6.2.0.00 through 6.2.1.00 could allow an authenticated attacker under special circumstances to send multiple specially crafted API requests that could cause the application to crash. IBM X-Force ID: 188052. | |||||