Filtered by vendor Ibm
Subscribe
Total
7378 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-4612 | 1 Ibm | 1 Data Risk Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to obtain sensitive information using a specially crafted HTTP request. IBM X-Force ID: 184924. | |||||
| CVE-2020-4611 | 1 Ibm | 1 Data Risk Manager | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to bypass security and execute actions reserved for admins. IBM X-Force ID: 184922. | |||||
| CVE-2020-4610 | 1 Ibm | 1 Security Verify Privilege Manager | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| IBM Security Secret Server (IBM Security Verify Privilege Manager 10.8.2 ) could allow a local user to execute code due to improper integrity checks. IBM X-Force ID: 184919. | |||||
| CVE-2020-4609 | 1 Ibm | 1 Security Verify Privilege Manager | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2) is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash. IBM X-Force ID: 184917. | |||||
| CVE-2020-4607 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege Vault Remote On-premises, Windows | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| IBM Security Secret Server (IBM Security Verify Privilege Vault Remote 1.2 ) could allow a local user to bypass security restrictions due to improper input validation. IBM X-Force ID: 184884. | |||||
| CVE-2020-4606 | 2 Ibm, Microsoft | 2 Security Verify Privilege Manager, Windows | 2024-11-21 | 3.6 LOW | 4.4 MEDIUM |
| IBM Security Verify Privilege Manager 10.8 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A local attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 184883. | |||||
| CVE-2020-4604 | 2 Ibm, Linux | 2 Security Guardium Insights, Linux Kernel | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be read by a local privileged user. IBM X-Force ID: 184861. | |||||
| CVE-2020-4603 | 1 Ibm | 1 Security Guardium Insights | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| IBM Security Guardium Insights 2.0.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 184880. | |||||
| CVE-2020-4602 | 2 Ibm, Linux | 2 Security Guardium Insights, Linux Kernel | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 184836. | |||||
| CVE-2020-4600 | 2 Ibm, Linux | 2 Security Guardium Insights, Linux Kernel | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184832. | |||||
| CVE-2020-4599 | 2 Ibm, Linux | 2 Security Guardium Insights, Linux Kernel | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184824. | |||||
| CVE-2020-4598 | 2 Ibm, Linux | 2 Security Guardium Insights, Linux Kernel | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| IBM Security Guardium Insights 2.0.1 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 184823. | |||||
| CVE-2020-4597 | 2 Ibm, Linux | 2 Security Guardium Insights, Linux Kernel | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| IBM Security Guardium Insights 2.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 184822. | |||||
| CVE-2020-4596 | 2 Ibm, Linux | 2 Security Guardium Insights, Linux Kernel | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184812. | |||||
| CVE-2020-4595 | 2 Ibm, Linux | 2 Security Guardium Insights, Linux Kernel | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184819. | |||||
| CVE-2020-4594 | 2 Ibm, Linux | 2 Security Guardium Insights, Linux Kernel | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184800. | |||||
| CVE-2020-4593 | 2 Ibm, Linux | 2 Security Guardium Insights, Linux Kernel | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| IBM Security Guardium Insights 2.0.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 184747. | |||||
| CVE-2020-4592 | 1 Ibm | 1 Mq Appliance | 2024-11-21 | 3.5 LOW | 6.5 MEDIUM |
| IBM MQ Appliance 9.1.CD and LTS could allow an authenticated user, under nondefault configuration to cause a data corruption attack due to an error when using segmented messages. | |||||
| CVE-2020-4591 | 3 Ibm, Linux, Microsoft | 4 Aix, Spectrum Protect Server, Linux Kernel and 1 more | 2024-11-21 | 1.9 LOW | 3.3 LOW |
| IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool. IBM X-Force ID: 184746. | |||||
| CVE-2020-4590 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client. IBM X-Force ID: 184650. | |||||