CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2020-4299
https://notcve.org/view.php?id=CVE-2020-4299
14 May 2020 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 could expose sensitive information to a user through a specially crafted HTTP request. IBM X-Force ID: 176606. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 6.0.3.1, podría exponer información confidencial a un usuario por medio de una petición HTTP especialmente diseñada. IBM X-Force ID: 176606. • https://exchange.xforce.ibmcloud.com/vulnerabilities/176606 •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-4259
https://notcve.org/view.php?id=CVE-2020-4259
14 May 2020 — IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 could allow an authenticated user could manipulate cookie information and remove or add modules from the cookie to access functionality not authorized to. IBM X-Force ID: 175638. IBM Sterling File Gateway versiones 2.2.0.0 hasta 6.0.3.1, podría permitir que un usuario autentificado pudiera manipular la información de una cookie y eliminar o añadir módulos desde la cookie para acceder a funcionalidades no autorizadas. IBM X-Force ID: 175638. • https://exchange.xforce.ibmcloud.com/vulnerabilities/175638 • CWE-276: Incorrect Default Permissions •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2019-4719
https://notcve.org/view.php?id=CVE-2019-4719
16 Mar 2020 — IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data. IBM MQ e IBM MQ Appliance versiones 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS y 9.1 CD, podrían permitir a un atacante local obtener información confidencial mediante la inclusión de datos confidenciales dentro de los datos runmqras. • https://exchange.xforce.ibmcloud.com/vulnerabilities/172124 •
CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 0CVE-2019-4656
https://notcve.org/view.php?id=CVE-2019-4656
16 Mar 2020 — IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD is vulnerable to a denial of service attack that would allow an authenticated user to crash the queue and require a restart due to an error processing error messages. IBM X-Force ID: 170967. IBM MQ e IBM MQ Appliance versiones 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS y 9.1 CD, es vulnerable a un ataque de denegación de servicio que permitiría a un usuario autenticado bloquear la cola y requerir un reinicio debido a un fallo al procesar los mensa... • https://exchange.xforce.ibmcloud.com/vulnerabilities/170967 •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2019-4619
https://notcve.org/view.php?id=CVE-2019-4619
16 Mar 2020 — IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace. IBM X-Force ID: 168862. IBM MQ e IBM MQ Appliance versiones 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS y 9.1 CD, podrían permitir a un atacante local obtener información confidencial mediante la inclusión de datos confidenciales dentro de una traza. ID de IBM X-Force: 168862. • https://exchange.xforce.ibmcloud.com/vulnerabilities/168862 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.9EPSS: 0%CPEs: 8EXPL: 0CVE-2019-4568
https://notcve.org/view.php?id=CVE-2019-4568
28 Jan 2020 — IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS could allow a remote attacker with intimate knowledge of the server to cause a denial of service when receiving data on the channel. IBM X-Force ID: 166629. IBM MQ e IBM MQ Appliance versiones 8.0 y 9.0 LTS, podrían permitir a un atacante remoto con un conocimiento íntimo del servidor causar una denegación de servicio cuando son recibidos datos en el canal. ID de IBM X-Force: 166629. • https://exchange.xforce.ibmcloud.com/vulnerabilities/166629 •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2010-3282
https://notcve.org/view.php?id=CVE-2010-3282
09 Jan 2020 — 389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local users to obtain sensitive information by reading the log. 389 Directory Server versiones anteriores a 1.2.7.1 (también se conoce como Red Hat Directory Server versión 8.2) y HP-UX Directory Server versiones anteriores a B.08.10.03, cu... • http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6914 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 10.0EPSS: 0%CPEs: 21EXPL: 2CVE-2019-14678
https://notcve.org/view.php?id=CVE-2019-14678
14 Nov 2019 — SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability that can be leveraged by malicious attackers in multiple ways. Examples are Local File Reading, Out Of Band File Exfiltration, Server Side Request Forgery, and/or Potential Denial of Service attacks. This vulnerability also affects the XMLV2 LIBNAME engine when the AUTOMAP option is used. SAS XML Mapper versión 9.45, tiene una vulnerabilidad de tipo XML External Entity (XXE) que los atacantes maliciosos pueden aprovechar en múltiples maneras... • https://github.com/mbadanoiu/CVE-2019-14678 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-4236
https://notcve.org/view.php?id=CVE-2019-4236
22 Jul 2019 — A IBM Spectrum Protect 7.l client backup or archive operation running for an HP-UX VxFS object is silently skipping Access Control List (ACL) entries from backup or archive if there are more than twelve ACL entries associated with the object in total. As a result, it could allow a local attacker to restore or retrieve the object with incorrect ACL entries. IBM X-Force ID: 159418. Una operación de copia de seguridad o archivado del cliente Spectrum Protect de IBM versión 7.l que es ejecutado para un objeto H... • https://exchange.xforce.ibmcloud.com/vulnerabilities/159418 • CWE-19: Data Processing Errors •
CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2019-11989
https://notcve.org/view.php?id=CVE-2019-11989
19 Jul 2019 — A security vulnerability in HPE IceWall SSO Agent Option and IceWall MFA (Agent module ) could be exploited remotely to cause a denial of service. The versions and platforms of Agent Option modules that are impacted are as follows: 10.0 for Apache 2.2 on RHEL 5 and 6, 10.0 for Apache 2.4 on RHEL 7, 10.0 for Apache 2.4 on HP-UX 11i v3, 10.0 for IIS on Windows, 11.0 for Apache 2.4 on RHEL 7, MFA Proxy 4.0 (Agent module only) for Apache 2.4 on RHEL 7. Una vulnerabilidad de seguridad en IceWall SSO Agent Option... • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03941en_us •