ibm

8,289 tracked vulnerabilities.

CVE-2020-4150 CRITICAL
IBM SiteProtector Appliance 3.1.1 - Use of Hard-coded Credentials
Jul 11, 2022
CVSS 9.8
EPSS 0.01
CVE-2020-4138 MEDIUM
IBM SiteProtector Appliance 3.1.1 - Info Disclosure
Jul 11, 2022
CVSS 5.5
EPSS 0.00
CVE-2020-36531 MEDIUM
SevOne Network Performance Management 5.7.2.0-5.7.2.22 - Privilege Escalation via Device Manager Page Injection
Jun 07, 2022
CVSS 6.3
EPSS 0.01
CVE-2020-36530 MEDIUM
SevOne Network Performance Management 5.7.2.0-5.7.2.22 - SQL Injection in Alert Summary
Jun 07, 2022
CVSS 6.3
EPSS 0.01
CVE-2020-36529 HIGH
SevOne Network Performance Management < 5.7.2.22 - Remote Command Injection in Traceroute Handler
Jun 07, 2022
CVSS 8.8
EPSS 0.04
CVE-2020-4926 CRITICAL
IBM Elastic Storage System < 6.1.3.0 and Spectrum Scale < 5.1.3.0 - Missing Authorization
May 24, 2022
CVSS 9.1
EPSS 0.01
CVE-2020-4970 MEDIUM
IBM Security Identity Governance and Intelligence 5.2.4-5.2.6 - Cleartext Transmission of Sensitive Information
May 19, 2022
CVSS 5.9
EPSS 0.01
CVE-2020-4994 HIGH
IBM DataPower Gateway 10.0.1.0-10.0.1.4 and 2018.4.1.0-2018.4.1.17 - Denial of Service via Invalid HTTP Requests
May 17, 2022
CVSS 7.5
EPSS 0.01
CVE-2020-4957 MEDIUM
IBM Security Identity Governance and Intelligence 5.2.6 - Exposure of Sensitive Information in URL Parameters
May 17, 2022
CVSS 5.3
EPSS 0.01
CVE-2020-4668 HIGH
IBM Sterling B2B Integrator 6.0.0.0-6.0.3.5 and 6.1.0.0-6.1.1.0 - Cross-Site Request Forgery
Apr 08, 2022
CVSS 8.8
EPSS 0.00
CVE-2020-4989 MEDIUM
IBM Rational Team Concert - Exposure to Wrong Actor
Mar 15, 2022
CVSS 4.3
EPSS 0.01
CVE-2020-4925 MEDIUM
Spectrum Scale <5.2 - Buffer Overflow
Mar 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2020-4879 CRITICAL
IBM Cognos Controller 10.4.0-10.4.2 - Improper Authentication via Cookie Validation Bypass
Jan 21, 2022
CVSS 9.8
EPSS 0.01
CVE-2020-4877 CRITICAL
IBM Cognos Controller 10.4.0-10.4.2 - Unauthorized Modifications via Public Class Fields
Jan 21, 2022
CVSS 9.8
EPSS 0.01
CVE-2020-4876 HIGH
IBM Cognos Controller 10.4.0-10.4.2 - XML External Entity Injection
Jan 21, 2022
CVSS 8.2
EPSS 0.02
CVE-2020-4875 HIGH
IBM Cognos Controller 10.4.0-10.4.2 - XML External Entity Injection
Jan 21, 2022
CVSS 8.2
EPSS 0.02
CVE-2020-4496 MEDIUM
IBM Spectrum Protect Plus 10.1.0-10.1.8 - Man-in-the-Middle via Improper Certificate Validation
Dec 13, 2021
CVSS 5.9
EPSS 0.01
CVE-2020-4146 MEDIUM
IBM Security SiteProtector System 3.1.1 - Sensitive Information Exposure via Missing HttpOnly Flag
Nov 12, 2021
CVSS 5.3
EPSS 0.01
CVE-2020-4140 MEDIUM
IBM Security SiteProtector System 3.1.1 - Cross-Site Scripting
Nov 12, 2021
CVSS 5.4
EPSS 0.00
CVE-2020-4160 MEDIUM
IBM QRadar Network Security <5.5.0 - Info Disclosure
Nov 08, 2021
CVSS 5.9
EPSS 0.01
CVE-2020-4153 MEDIUM
IBM QRadar Network Security 5.4.0-5.4.0.14 - Cross-Site Scripting
Nov 08, 2021
CVSS 5.4
EPSS 0.00
CVE-2020-4152 MEDIUM
IBM QRadar Network Security 5.4.0-5.4.0.14 - Cleartext Transmission of Sensitive Information
Nov 08, 2021
CVSS 5.9
EPSS 0.01
CVE-2020-4951 LOW
IBM Cognos Analytics 11.1.7 and 11.2.0 - Exposure of Sensitive Information via Locally Cached Browser Data
Oct 15, 2021
CVSS 3.3
EPSS 0.00
CVE-2020-4654 MEDIUM
IBM Sterling File Gateway <6.1.1.0 - Info Disclosure
Oct 08, 2021
CVSS 6.5
EPSS 0.01
CVE-2020-4941 MEDIUM
IBM Edge Application Manager 4.2 - Sensitive Information Exposure via Error Pages
Sep 23, 2021
CVSS 4.3
EPSS 0.01