Total
35019 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-5015 | 2 Ibm, Linux | 3 Elastic Storage Server, Elastic Storage System, Linux Kernel | 2024-11-21 | 7.5 High |
| IBM Elastic Storage System 6.0.0 through 6.0.1.2 and IBM Elastic Storage Server 5.3.0 through 5.3.6.2 could allow a remote attacker to cause a denial of service by sending malformed UDP requests. IBM X-Force ID: 193486. | ||||
| CVE-2020-4994 | 1 Ibm | 1 Datapower Gateway | 2024-11-21 | 7.5 High |
| IBM DataPower Gateway 10.0.1.0 through 10.0.1.4 and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a temporary denial of service by sending invalid HTTP requests. IBM X-Force ID: 192906. | ||||
| CVE-2020-4988 | 1 Ibm | 1 Loopback | 2024-11-21 | 9.8 Critical |
| Loopback 8.0.0 contains a vulnerability that could allow an attacker to manipulate or pollute Javascript values and cause a denial of service or possibly execute code. IBM X-Force ID: 192706. | ||||
| CVE-2020-4985 | 1 Ibm | 1 Planning Analytics Local | 2024-11-21 | 7.5 High |
| IBM Planning Analytics Local 2.0 could allow an attacker to obtain sensitive information due to accepting body parameters in a query. IBM X-Force ID: 192642. | ||||
| CVE-2020-4979 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2024-11-21 | 9.8 Critical |
| IBM QRadar SIEM 7.3 and 7.4 is vulnerable to insecure inter-deployment communication. An attacker that is able to comprimise or spoof traffic between hosts may be able to execute arbitrary commands. IBM X-Force D: 192538. | ||||
| CVE-2020-4964 | 1 Ibm | 12 Collaborative Lifecycle Management, Doors Next, Engineering Insights and 9 more | 2024-11-21 | 4.3 Medium |
| IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message on the application which could be used to phish other users. IBM X-Force ID: 192419. | ||||
| CVE-2020-4952 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2024-11-21 | 8.8 High |
| IBM Security Guardium 11.2 could allow an authenticated user to gain root access due to improper access control. IBM X-Force ID: 192028. | ||||
| CVE-2020-4931 | 1 Ibm | 1 Mq | 2024-11-21 | 6.5 Medium |
| IBM MQ 9.1 LTS, 9.2 LTS, and 9.1 CD AMQP Channels could allow an authenticated user to cause a denial of service due to an issue processing messages. IBM X-Force ID: 191747. | ||||
| CVE-2020-4925 | 2 Ibm, Linux | 2 Spectrum Scale, Linux Kernel | 2024-11-21 | 5.5 Medium |
| A security vulnerability in the Spectrum Scale 5.0 and 5.1 allows a non-root user to overflow the mmfsd daemon with requests and preventing the daemon to service other requests. IBM X-Force ID: 191599. | ||||
| CVE-2020-4919 | 1 Ibm | 1 Cloud Pak System | 2024-11-21 | 3.8 Low |
| IBM Cloud Pak System 2.3 has insufficient logout controls which could allow an authenticated privileged user to impersonate another user on the system. IBM X-Force ID: 191395. | ||||
| CVE-2020-4912 | 1 Ibm | 1 Cloud Pak System | 2024-11-21 | 7.2 High |
| IBM Cloud Pak System 2.3 Self Service Console could allow a privilege escalation by capturing the user request URL when logged in as a privileged user. IBM X-Force ID: 191287. | ||||
| CVE-2020-4905 | 1 Ibm | 1 Financial Transaction Manager For Multiplatform | 2024-11-21 | 5.9 Medium |
| IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an remote attacker to obtain sensitive information, caused by a man in the middle attack. By SSL striping, an attacker could exploit this vulnerability to obtain sensitive information. | ||||
| CVE-2020-4903 | 1 Ibm | 1 Api Connect | 2024-11-21 | 6.5 Medium |
| IBM API Connect V10 and V2018 could allow an attacker who has intercepted a registration invitation link to impersonate the registered user or obtain sensitive information. IBM X-Force ID: 191105. | ||||
| CVE-2020-4901 | 1 Ibm | 1 Robotic Process Automation With Automation Anywhere | 2024-11-21 | 6.5 Medium |
| IBM Robotic Process Automation with Automation Anywhere 11.0 could allow an attacker on the network to obtain sensitive information or cause a denial of service through username enumeration. IBM X-Force ID: 190992. | ||||
| CVE-2020-4889 | 2 Ibm, Linux | 2 Spectrum Scale, Linux Kernel | 2024-11-21 | 3.3 Low |
| IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190971. | ||||
| CVE-2020-4887 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 5.5 Medium |
| IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to exploit a vulnerability in the gencore user command to create arbitrary files in any directory. IBM X-Force ID: 190911. | ||||
| CVE-2020-4883 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2024-11-21 | 6.5 Medium |
| IBM QRadar SIEM 7.3 and 7.4 could disclose sensitive information about other domains which could be used in further attacks against the system. IBM X-Force ID: 190907. | ||||
| CVE-2020-4870 | 4 Ibm, Linux, Microsoft and 1 more | 7 Aix, I, Linux On Ibm Z and 4 more | 2024-11-21 | 7.5 High |
| IBM MQ 9.2 CD and LTS are vulnerable to a denial of service attack caused by an error processing connecting applications. IBM X-Force ID: 190833. | ||||
| CVE-2020-4848 | 1 Ibm | 1 Urbancode Deploy | 2024-11-21 | 5.4 Medium |
| IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to initiate a plugin or compare process resources that they should not have access to. IBM X-Force ID: 190293. | ||||
| CVE-2020-4832 | 1 Ibm | 2 Aix, Powerha | 2024-11-21 | 5.5 Medium |
| IBM PowerHA 7.2 could allow a local attacker to obtain sensitive information from temporary directories after a discovery failure occurs. IBM X-Force ID: 189969. | ||||