Total
7365 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-4919 | 1 Ibm | 1 Cloud Pak System | 2024-11-21 | 5.5 MEDIUM | 3.8 LOW |
| IBM Cloud Pak System 2.3 has insufficient logout controls which could allow an authenticated privileged user to impersonate another user on the system. IBM X-Force ID: 191395. | |||||
| CVE-2020-4906 | 1 Ibm | 1 Financial Transaction Manager For Multiplatform | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to be stored locally which can be read by another user on the system. | |||||
| CVE-2020-4889 | 2 Ibm, Linux | 2 Spectrum Scale, Linux Kernel | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190971. | |||||
| CVE-2020-4886 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM InfoSphere Information Server 11.7 stores sensitive information in the browser's history that could be obtained by a user who has access to the same system. IBM X-Force ID: 190910. | |||||
| CVE-2020-4846 | 1 Ibm | 1 Security Key Lifecycle Manager | 2024-11-21 | 4.0 MEDIUM | 2.7 LOW |
| IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 190290. | |||||
| CVE-2020-4811 | 1 Ibm | 1 Cloud Pak For Security | 2024-11-21 | 4.0 MEDIUM | 2.4 LOW |
| IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to inject inject malicious data using a specially crafted HTTP request due to improper input validation. | |||||
| CVE-2020-4809 | 1 Ibm | 1 Edge Application Manager | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189633. | |||||
| CVE-2020-4805 | 1 Ibm | 1 Edge Application Manager | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189539. | |||||
| CVE-2020-4803 | 1 Ibm | 1 Edge Application Manager | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189535. | |||||
| CVE-2020-4787 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2024-11-21 | 2.1 LOW | 2.3 LOW |
| IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 189224. | |||||
| CVE-2020-4765 | 1 Ibm | 1 Cloud Pak For Multicloud Management | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 188902. | |||||
| CVE-2020-4726 | 1 Ibm | 1 Cloud Application Performance Management | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 187975. | |||||
| CVE-2020-4725 | 1 Ibm | 1 Cloud Application Performance Management | 2024-11-21 | 3.5 LOW | 3.5 LOW |
| IBM Monitoring (IBM Cloud APM 8.1.4 ) could allow an authenticated user to modify HTML content by sending a specially crafted HTTP request to the APM UI, which could mislead another user. IBM X-Force ID: 187974. | |||||
| CVE-2020-4650 | 1 Ibm | 1 Maximo Spatial Asset Management | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 186023. | |||||
| CVE-2020-4629 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local user with specialized access to obtain sensitive information from a detailed technical error message. This information could be used in further attacks against the system. IBM X-Force ID: 185370. | |||||
| CVE-2020-4591 | 3 Ibm, Linux, Microsoft | 4 Aix, Spectrum Protect Server, Linux Kernel and 1 more | 2024-11-21 | 1.9 LOW | 3.3 LOW |
| IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool. IBM X-Force ID: 184746. | |||||
| CVE-2020-4548 | 3 Ibm, Linux, Microsoft | 4 Aix, Content Navigator, Linux Kernel and 1 more | 2024-11-21 | 4.0 MEDIUM | 2.7 LOW |
| IBM Content Navigator 3.0.7 and 3.0.8 is vulnerable to improper input validation. A malicious administrator could bypass the user interface and send requests to the IBM Content Navigator server with illegal characters that could be stored in the IBM Content Navigator database. IBM X-Force ID: 183316. | |||||
| CVE-2020-4371 | 1 Ibm | 1 Verify Gateway | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 contains sensitive information in leftover debug code that could be used aid a local user in further attacks against the system. IBM X-Force ID: 179008. | |||||
| CVE-2020-4345 | 1 Ibm | 1 I | 2024-11-21 | 1.9 LOW | 3.3 LOW |
| IBM i 7.2, 7.3, and 7.4 users running complex SQL statements under a specific set of circumstances may allow a local user to obtain sensitive information that they should not have access to. IBM X-Force ID: 178318. | |||||
| CVE-2020-4344 | 1 Ibm | 1 Tivoli Business Service Manager | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| IBM Tivoli Business Service Manager 6.2.0.0 - 6.2.0.2 IF 1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 178247. | |||||