Export limit exceeded: 84056 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (84056 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-4938 | 1 Ibm | 1 Mq Appliance | 2024-11-21 | 8.8 High |
| IBM MQ Appliance 9.1 and 9.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 191815. | ||||
| CVE-2020-4937 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2024-11-21 | 7.5 High |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 191814. | ||||
| CVE-2020-4932 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2024-11-21 | 7.8 High |
| IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 191748. | ||||
| CVE-2020-4921 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2024-11-21 | 8.8 High |
| IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191398. | ||||
| CVE-2020-4917 | 1 Ibm | 1 Cloud Pak System | 2024-11-21 | 8.8 High |
| IBM Cloud Pak System 2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 191391. | ||||
| CVE-2020-4912 | 1 Ibm | 1 Cloud Pak System | 2024-11-21 | 7.2 High |
| IBM Cloud Pak System 2.3 Self Service Console could allow a privilege escalation by capturing the user request URL when logged in as a privileged user. IBM X-Force ID: 191287. | ||||
| CVE-2020-4902 | 2 Ibm, Microsoft | 2 Datacap Navigator, Windows | 2024-11-21 | 8.8 High |
| IBM Datacap Taskmaster Capture (IBM Datacap Navigator 9.1.7) is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191045. | ||||
| CVE-2020-4898 | 1 Ibm | 1 Emptoris Strategic Supply Management | 2024-11-21 | 7.5 High |
| IBM Emptoris Strategic Supply Management 10.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 190989. | ||||
| CVE-2020-4888 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2024-11-21 | 8.8 High |
| IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. By sending a malicious serialized Java object, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 190912. | ||||
| CVE-2020-4881 | 1 Ibm | 1 Planning Analytics | 2024-11-21 | 7.5 High |
| IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the lack of server hostname verification for SSL/TLS communication. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 190851. | ||||
| CVE-2020-4876 | 2 Ibm, Microsoft | 2 Cognos Controller, Windows | 2024-11-21 | 8.2 High |
| IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 190839. | ||||
| CVE-2020-4875 | 2 Ibm, Microsoft | 2 Cognos Controller, Windows | 2024-11-21 | 8.2 High |
| IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 190838. | ||||
| CVE-2020-4870 | 4 Ibm, Linux, Microsoft and 1 more | 7 Aix, I, Linux On Ibm Z and 4 more | 2024-11-21 | 7.5 High |
| IBM MQ 9.2 CD and LTS are vulnerable to a denial of service attack caused by an error processing connecting applications. IBM X-Force ID: 190833. | ||||
| CVE-2020-4850 | 1 Ibm | 1 Gpfs.tct.server | 2024-11-21 | 7.5 High |
| IBM Spectrum Scale 1.1.1.0 through 1.1.8.4 Transparent Cloud Tiering could allow a remote attacker to obtain sensitive information, caused by the leftover files after configuration. IBM X-Force ID: 190298. | ||||
| CVE-2020-4831 | 1 Ibm | 1 Datapower Gateway | 2024-11-21 | 7.5 High |
| IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 189965. | ||||
| CVE-2020-4829 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 7.8 High |
| IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in the ksu user command to gain root privileges. IBM X-Force ID: 189960. | ||||
| CVE-2020-4799 | 1 Ibm | 1 Informix Dynamic Server | 2024-11-21 | 7.8 High |
| IBM Informix spatial 14.10 could allow a local user to execute commands as a privileged user due to an out of bounds write vulnerability. IBM X-Force ID: 189460. | ||||
| CVE-2020-4795 | 1 Ibm | 1 Security Identity Governance And Intelligence | 2024-11-21 | 8.2 High |
| IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information to an unauthorized user using a specially crafted HTTP request. IBM X-Force ID: 189446. | ||||
| CVE-2020-4779 | 1 Ibm | 1 Curam Social Program Management | 2024-11-21 | 8.1 High |
| A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. IBM X-Force ID: 189156. | ||||
| CVE-2020-4778 | 1 Ibm | 1 Curam Social Program Management | 2024-11-21 | 7.5 High |
| IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5 algorithm for hashing token in a single instance which less safe than default SHA-256 cryptographic algorithm used throughout the Cúram application. IBM X-Force ID: 189156. | ||||