Export limit exceeded: 364837 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 364837 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364837 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-4357 | 1 Ibm | 1 Spectrum Protect Plus | 2024-11-21 | 6.7 Medium |
| When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle, DB2 or MongoDB databases, a redirected restore operation specifying a target path may allow execution of arbitrary code on the system. IBM X-Force ID: 161667, | ||||
| CVE-2019-4352 | 1 Ibm | 1 Maximo Anywhere | 2024-11-21 | 2.4 Low |
| IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code. IBM X-Force ID: 161494. | ||||
| CVE-2019-4351 | 1 Ibm | 1 Maximo Anywhere | 2024-11-21 | 4.6 Medium |
| IBM Maximo Anywhere 7.6.4.0 applications could disclose sensitive information to a user with physical access to the device. IBM X-Force ID: 161493. | ||||
| CVE-2019-4349 | 1 Ibm | 1 Maximo Anywhere | 2024-11-21 | 3.5 Low |
| IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 applications can be installed on a deprecated operating system version that could compromised the confidentiality and integrity of the service. IBM X-Force ID: 161486 | ||||
| CVE-2019-4343 | 2 Ibm, Netapp | 2 Cognos Analytics, Oncommand Insight | 2024-11-21 | 6.5 Medium |
| IBM Cognos Analytics 11.0 and 11.1 allows overly permissive cross-origin resource sharing which could allow an attacker to transfer private information. An attacker could exploit this vulnerability to access content that should be restricted. IBM X-Force ID: 161422. | ||||
| CVE-2019-4342 | 2 Ibm, Netapp | 2 Cognos Analytics, Oncommand Insight | 2024-11-21 | 5.4 Medium |
| IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 161421. | ||||
| CVE-2019-4340 | 1 Ibm | 1 Security Guardium Big Data Intelligence | 2024-11-21 | 8.2 High |
| IBM Security Guardium Big Data Intelligence 4.0 (SonarG) is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 161419. | ||||
| CVE-2019-4339 | 1 Ibm | 1 Security Guardium Big Data Intelligence | 2024-11-21 | 7.5 High |
| IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 161418. | ||||
| CVE-2019-4338 | 1 Ibm | 1 Security Guardium Big Data Intelligence | 2024-11-21 | 7.5 High |
| IBM Security Guardium Big Data Intelligence 4.0 (SonarG) does not properly restrict the size or amount of resources that are requested or influenced by an actor. This weakness can be used to consume more resources than intended. IBM X-Force ID: 161417. | ||||
| CVE-2019-4337 | 1 Ibm | 1 Robotic Process Automation With Automation Anywhere | 2024-11-21 | 5.3 Medium |
| IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker to obtain sensitive information due to missing authentication in Ignite nodes. IBM X-Force ID: 161412. | ||||
| CVE-2019-4336 | 1 Ibm | 1 Robotic Process Automation With Automation Anywhere | 2024-11-21 | 9.8 Critical |
| IBM Robotic Process Automation with Automation Anywhere 11 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 161411. | ||||
| CVE-2019-4335 | 1 Ibm | 1 Watson Studio Local | 2024-11-21 | 5.5 Medium |
| IBM Watson Studio Local 1.2.3 stores key files in the user's home directory which could be obtained by another local user. IBM X-Force ID: 161413. | ||||
| CVE-2019-4334 | 1 Ibm | 1 Cognos Analytics | 2024-11-21 | 4.3 Medium |
| IBM Cognos Analytics 11.0 and 11.1 could reveal sensitive information to an authenticated user that could be used in future attacks against the system. IBM X-Force ID: 161271. | ||||
| CVE-2019-4330 | 1 Ibm | 1 Security Guardium Big Data Intelligence | 2024-11-21 | 4.3 Medium |
| IBM Security Guardium Big Data Intelligence (SonarG) 4.0 does not set the secure attribute for cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session. IBM X-Force ID: 161210. | ||||
| CVE-2019-4329 | 1 Ibm | 1 Security Guardium Big Data Intelligence | 2024-11-21 | 4.3 Medium |
| IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 161209. | ||||
| CVE-2019-4327 | 1 Hcltech | 1 Appscan | 2024-11-21 | 7.5 High |
| "HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files." | ||||
| CVE-2019-4326 | 1 Hcltech | 1 Appscan | 2024-11-21 | 7.5 High |
| "HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header." | ||||
| CVE-2019-4325 | 1 Hcltech | 1 Appscan | 2024-11-21 | 5.3 Medium |
| "HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details." | ||||
| CVE-2019-4324 | 1 Hcltech | 1 Appscan | 2024-11-21 | 6.1 Medium |
| "HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy." | ||||
| CVE-2019-4323 | 1 Hcltech | 1 Appscan | 2024-11-21 | 4.3 Medium |
| "HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame." | ||||