Filtered by vendor Ibm
Subscribe
Total
6536 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-4175 | 1 Ibm | 1 Security Guardium Insights | 2021-07-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| IBM Security Guardium Insights 2.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 174684. | |||||
| CVE-2020-4871 | 1 Ibm | 1 Planning Analytics | 2021-07-21 | 2.1 LOW | 5.5 MEDIUM |
| IBM Planning Analytics 2.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 190834. | |||||
| CVE-2020-4841 | 2 Ibm, Microsoft | 2 Security Secret Server, Windows | 2021-07-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| IBM Security Secret Server 10.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 190045. | |||||
| CVE-2020-4382 | 2 Ibm, Linux | 2 Elastic Storage Server, Linux Kernel | 2021-07-21 | 2.1 LOW | 5.5 MEDIUM |
| IBM Spectrum Scale for IBM Elastic Storage Server 5.3.0 through 5.3.5 could allow an authenticated user to cause a denial of service during deployment or upgrade pertaining to xcat services. IBM X-Force ID: 179163. | |||||
| CVE-2020-4832 | 1 Ibm | 2 Aix, Powerha | 2021-07-21 | 2.1 LOW | 5.5 MEDIUM |
| IBM PowerHA 7.2 could allow a local attacker to obtain sensitive information from temporary directories after a discovery failure occurs. IBM X-Force ID: 189969. | |||||
| CVE-2020-4873 | 1 Ibm | 1 Planning Analytics | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Planning Analytics 2.0 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. IBM X-Force ID: 190836. | |||||
| CVE-2020-4343 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 178244. | |||||
| CVE-2020-4164 | 1 Ibm | 1 Security Information Queue | 2021-07-21 | 4.0 MEDIUM | 2.7 LOW |
| IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could expose sensitive information from applicatino errors which could be used in further attacks against the system. IBM X-Force ID: 174400. | |||||
| CVE-2020-4685 | 1 Ibm | 1 Cognos Controller | 2021-07-21 | 6.5 MEDIUM | 7.2 HIGH |
| A low level user of IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, 10.4.1, and 10.4.2 who has Administration rights to the server where the application is installed, can escalate their privilege from Low level to Super Admin and gain access to Create/Update/Delete any level of user in Cognos Controller. IBM X-Force ID: 186625. | |||||
| CVE-2020-4686 | 1 Ibm | 21 Flashsystem V5000, Flashsystem V5000 Firmware, Flashsystem V7200 and 18 more | 2021-07-21 | 5.5 MEDIUM | 8.1 HIGH |
| IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678. | |||||
| CVE-2019-4701 | 1 Ibm | 2 Guardium Data Encryption, Guardium For Cloud Key Management | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Security Guardium Data Encryption (GDE) 3.0.0.2 is deployed with active debugging code that can create unintended entry points. IBM X-Force ID: 171936. | |||||
| CVE-2020-4257 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2021-07-21 | 6.9 MEDIUM | 7.8 HIGH |
| IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175635. | |||||
| CVE-2020-4422 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 180167. | |||||
| CVE-2020-4816 | 1 Ibm | 1 Cloud Pak For Security | 2021-07-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 189703. | |||||
| CVE-2020-4791 | 1 Ibm | 1 Security Identity Governance And Intelligence | 2021-07-21 | 1.8 LOW | 5.3 MEDIUM |
| IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to obtain sensitive information using main in the middle attacks due to improper certificate validation. IBM X-Force ID: 189379. | |||||
| CVE-2020-4616 | 1 Ibm | 1 Data Risk Manager | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Data Risk Manager (iDNA) 2.0.6 could disclose sensitive username information to an attacker using a specially crafted HTTP request. IBM X-Force ID: 184929. | |||||
| CVE-2020-4795 | 1 Ibm | 1 Security Identity Governance And Intelligence | 2021-07-21 | 6.4 MEDIUM | 8.2 HIGH |
| IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information to an unauthorized user using a specially crafted HTTP request. IBM X-Force ID: 189446. | |||||
| CVE-2020-4383 | 2 Ibm, Linux | 2 Elastic Storage Server, Linux Kernel | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Spectrum Scale for IBM Elastic Storage Server 5.3.0 through 5.3.5 could allow an authenticated user to cause a denial of service during deployment while configuring some of the network services. IBM X-Force ID: 179165. | |||||
| CVE-2020-4249 | 1 Ibm | 1 Security Identity Governance And Intelligence | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Security Identity Governance and Intelligence 5.2.6 could disclose highly sensitive information to other authenticated users on the sytem due to incorrect authorization. IBM X-Force ID: 175485. | |||||
| CVE-2020-4302 | 1 Ibm | 1 Cognos Analytics | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to execute arbitrary code on the system, caused by a CSV injection. By persuading a victim to open a specially-crafted excel file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 176610. | |||||