Filtered by vendor Ibm
Subscribe
Total
7797 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-4925 | 2 Ibm, Linux | 2 Spectrum Scale, Linux Kernel | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A security vulnerability in the Spectrum Scale 5.0 and 5.1 allows a non-root user to overflow the mmfsd daemon with requests and preventing the daemon to service other requests. IBM X-Force ID: 191599. | |||||
| CVE-2020-4921 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191398. | |||||
| CVE-2020-4920 | 1 Ibm | 12 Collaborative Lifecycle Management, Doors Next, Engineering Insights and 9 more | 2024-11-21 | 4.3 MEDIUM | 5.4 MEDIUM |
| IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191396. | |||||
| CVE-2020-4919 | 1 Ibm | 1 Cloud Pak System | 2024-11-21 | 5.5 MEDIUM | 3.8 LOW |
| IBM Cloud Pak System 2.3 has insufficient logout controls which could allow an authenticated privileged user to impersonate another user on the system. IBM X-Force ID: 191395. | |||||
| CVE-2020-4918 | 1 Ibm | 1 Cloud Pak System | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| IBM Cloud Pak System 2.3 could allow l local privileged user to disclose sensitive information due to an insecure direct object reference in sell service console for the Platform System Manager. IBM X-Force ID: 191392. | |||||
| CVE-2020-4917 | 1 Ibm | 1 Cloud Pak System | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| IBM Cloud Pak System 2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 191391. | |||||
| CVE-2020-4916 | 1 Ibm | 1 Cloud Pak System | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191390. | |||||
| CVE-2020-4913 | 1 Ibm | 1 Cloud Pak System | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| IBM Cloud Pak System 2.3 could reveal credential information in the HTTP response to a local privileged user. IBM X-Force ID: 191288. | |||||
| CVE-2020-4912 | 1 Ibm | 1 Cloud Pak System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| IBM Cloud Pak System 2.3 Self Service Console could allow a privilege escalation by capturing the user request URL when logged in as a privileged user. IBM X-Force ID: 191287. | |||||
| CVE-2020-4910 | 1 Ibm | 1 Cloud Pak System | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191274. | |||||
| CVE-2020-4909 | 1 Ibm | 1 Cloud Pak System | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191273. | |||||
| CVE-2020-4908 | 1 Ibm | 1 Financial Transaction Manager For Multiplatform | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 returns the product version and release information on the login dialog. This information could be used in further attacks against the system. | |||||
| CVE-2020-4907 | 1 Ibm | 1 Financial Transaction Manager For Multiplatform | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. | |||||
| CVE-2020-4906 | 1 Ibm | 1 Financial Transaction Manager For Multiplatform | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to be stored locally which can be read by another user on the system. | |||||
| CVE-2020-4905 | 1 Ibm | 1 Financial Transaction Manager For Multiplatform | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an remote attacker to obtain sensitive information, caused by a man in the middle attack. By SSL striping, an attacker could exploit this vulnerability to obtain sensitive information. | |||||
| CVE-2020-4904 | 1 Ibm | 1 Financial Transaction Manager For Multiplatform | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | |||||
| CVE-2020-4903 | 1 Ibm | 1 Api Connect | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| IBM API Connect V10 and V2018 could allow an attacker who has intercepted a registration invitation link to impersonate the registered user or obtain sensitive information. IBM X-Force ID: 191105. | |||||
| CVE-2020-4902 | 2 Ibm, Microsoft | 2 Datacap Navigator, Windows | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| IBM Datacap Taskmaster Capture (IBM Datacap Navigator 9.1.7) is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191045. | |||||
| CVE-2020-4901 | 1 Ibm | 1 Robotic Process Automation With Automation Anywhere | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| IBM Robotic Process Automation with Automation Anywhere 11.0 could allow an attacker on the network to obtain sensitive information or cause a denial of service through username enumeration. IBM X-Force ID: 190992. | |||||
| CVE-2020-4900 | 1 Ibm | 1 Business Automation Workflow | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 190991. | |||||