Export limit exceeded: 79689 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79689 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-4685 | 1 Ibm | 1 Cognos Controller | 2024-11-21 | 7.2 High |
| A low level user of IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, 10.4.1, and 10.4.2 who has Administration rights to the server where the application is installed, can escalate their privilege from Low level to Super Admin and gain access to Create/Update/Delete any level of user in Cognos Controller. IBM X-Force ID: 186625. | ||||
| CVE-2020-4668 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more | 2024-11-21 | 8.8 High |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3, and 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 186283. | ||||
| CVE-2020-4662 | 1 Ibm | 1 Event Streams | 2024-11-21 | 8.8 High |
| IBM Event Streams 10.0.0 could allow an authenticated user to perform tasks to a schema due to improper authentication validation. IBM X-Force ID: 186233. | ||||
| CVE-2020-4655 | 1 Ibm | 1 Sterling B2b Integrator | 2024-11-21 | 8.8 High |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 186091. | ||||
| CVE-2020-4647 | 1 Ibm | 1 Sterling File Gateway | 2024-11-21 | 8.8 High |
| IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. | ||||
| CVE-2020-4643 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 7.5 High |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information. IBM X-Force ID: 185590. | ||||
| CVE-2020-4638 | 1 Ibm | 1 Api Connect | 2024-11-21 | 7.2 High |
| IBM API Connect's API Manager 2018.4.1.0 through 2018.4.1.12 is vulnerable to privilege escalation. An invitee to an API Provider organization can escalate privileges by manipulating the invitation link. IBM X-Force ID: 185508. | ||||
| CVE-2020-4636 | 2 Ibm, Linux | 2 Resilient Security Orchestration Automation And Response, Linux Kernel | 2024-11-21 | 7.2 High |
| IBM Resilient OnPrem 38.2 could allow a privileged user to inject malicious commands through Python3 scripting. IBM X-Force ID: 185503. | ||||
| CVE-2020-4633 | 1 Ibm | 1 Resilient Security Orchestration Automation And Response | 2024-11-21 | 8.8 High |
| IBM Resilient SOAR V38.0 could allow a remote attacker to execute arbitrary code on the system, caused by formula injection due to improper input validation. | ||||
| CVE-2020-4622 | 1 Ibm | 1 Data Risk Manager | 2024-11-21 | 7.5 High |
| IBM Data Risk Manager (iDNA) 2.0.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 184983. | ||||
| CVE-2020-4621 | 1 Ibm | 1 Data Risk Manager | 2024-11-21 | 8.8 High |
| IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to escalate their privileges to administrator due to insufficient authorization checks. IBM X-Force ID: 184981. | ||||
| CVE-2020-4620 | 1 Ibm | 1 Data Risk Manager | 2024-11-21 | 8.8 High |
| IBM Data Risk Manager (iDNA) 2.0.6 could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious file, which could allow the attacker to execute arbitrary code on the vulnerable system. IBM X-Force ID: 184979. | ||||
| CVE-2020-4617 | 1 Ibm | 1 Data Risk Manager | 2024-11-21 | 8.1 High |
| IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 184930. | ||||
| CVE-2020-4614 | 1 Ibm | 1 Data Risk Manager | 2024-11-21 | 7.5 High |
| IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 184927. | ||||
| CVE-2020-4613 | 1 Ibm | 1 Data Risk Manager | 2024-11-21 | 7.5 High |
| IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184925. | ||||
| CVE-2020-4611 | 1 Ibm | 1 Data Risk Manager | 2024-11-21 | 8.8 High |
| IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to bypass security and execute actions reserved for admins. IBM X-Force ID: 184922. | ||||
| CVE-2020-4610 | 1 Ibm | 1 Security Verify Privilege Manager | 2024-11-21 | 7.8 High |
| IBM Security Secret Server (IBM Security Verify Privilege Manager 10.8.2 ) could allow a local user to execute code due to improper integrity checks. IBM X-Force ID: 184919. | ||||
| CVE-2020-4609 | 1 Ibm | 1 Security Verify Privilege Manager | 2024-11-21 | 7.8 High |
| IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2) is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash. IBM X-Force ID: 184917. | ||||
| CVE-2020-4607 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege Vault Remote On-premises, Windows | 2024-11-21 | 7.8 High |
| IBM Security Secret Server (IBM Security Verify Privilege Vault Remote 1.2 ) could allow a local user to bypass security restrictions due to improper input validation. IBM X-Force ID: 184884. | ||||
| CVE-2020-4603 | 1 Ibm | 1 Security Guardium Insights | 2024-11-21 | 7.2 High |
| IBM Security Guardium Insights 2.0.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 184880. | ||||