CVSS: 3.9EPSS: 0%CPEs: 1EXPL: 0CVE-2021-2381
https://notcve.org/view.php?id=CVE-2021-2381
20 Jul 2021 — Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessible data ... • https://www.oracle.com/security-alerts/cpujul2021.html •
CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0CVE-2021-29725
https://notcve.org/view.php?id=CVE-2021-29725
15 Jul 2021 — IBM Secure External Authentication Server 2.4.3.2, 6.0.1, 6.0.2 and IBM Secure Proxy 3.4.3.2, 6.0.1, 6.0.2 could allow a remote user to consume resources causing a denial of service due to a resource leak. IBM Secure External Authentication Server versiones 2.4.3.2, 6.0.1, 6.0.2 e IBM Secure Proxy versiones 3.4.3.2, 6.0.1, 6.0.2, podrían permitir a un usuario remoto consumir recursos causando una denegación de servicio debido a una fuga de recursos • https://exchange.xforce.ibmcloud.com/vulnerabilities/201102 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2021-29777
https://notcve.org/view.php?id=CVE-2021-29777
24 Jun 2021 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5, under specific circumstance of a table being dropped while being accessed in another session, could allow an authenticated user to cause a denial of srevice IBM X-Force ID: 203031. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) versiones 9.7, 10.1, 10.5, 11.1 y 11.5, en circunstancias específicas de caída de una tabla mientras se accede a ella en otra sesión, podría permitir a un usuario auten... • https://exchange.xforce.ibmcloud.com/vulnerabilities/203031 • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2021-29703
https://notcve.org/view.php?id=CVE-2021-29703
24 Jun 2021 — Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200659. Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) es vulnerable a una denegación de servicio, ya que el servidor termina de forma anormal cuando se ejecuta una sentencia SELECT especialmente diseñada. IBM X-Force ID: 200659 • https://exchange.xforce.ibmcloud.com/vulnerabilities/200659 •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2021-20579
https://notcve.org/view.php?id=CVE-2021-20579
24 Jun 2021 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user who can create a view or inline SQL function to obtain sensitive information when AUTO_REVAL is set to DEFFERED_FORCE. IBM X-Force ID: 199283. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) versiones 9.7, 10.1, 10.5, 11.1 y 11.5, podría permitir a un usuario que pueda crear una visualización o una función SQL en línea obtener información confidencial cuando la función AUTO_RE... • https://exchange.xforce.ibmcloud.com/vulnerabilities/199283 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-20488
https://notcve.org/view.php?id=CVE-2021-20488
16 Jun 2021 — IBM Security Identity Manager 6.0.2 could allow an authenticated malicious user to change the passwords of other users in the Windows AD environment when IBM Security Identity Manager Windows Password Synch Plug-in is deployed and configured. IBM X-Force ID: 197789. IBM Security Identity Manager 6.0.2 podría permitir a un usuario malintencionado autentificado cambiar las contraseñas de otros usuarios en el entorno de Windows AD cuando se despliega y configura el complemento de sincronización de contraseñas ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/197789 •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-20483
https://notcve.org/view.php?id=CVE-2021-20483
16 Jun 2021 — IBM Security Identity Manager 6.0.2 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 197591. IBM Security Identity Manager versión 6.0.2, es vulnerable a un ataque de tipo server-side request forgery (SSRF). Al enviar una petición especialmente diseñada, un atacante remoto autenticado podría explotar esta vulnerabilidad para obtener datos confidenciales. • https://exchange.xforce.ibmcloud.com/vulnerabilities/197591 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2021-29754
https://notcve.org/view.php?id=CVE-2021-29754
11 Jun 2021 — IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a privilege escalation vulnerability when using the SAML Web Inbound Trust Association Interceptor (TAI). IBM X-Force ID: 202006. IBM WebSphere Application Server versiones 7.0, 8.0, 8.5 y 9.0 es suceptible a una vulnerabilidad de escalada de privilegios cuando se usa el SAML Web Inbound Trust Association Interceptor (TAI). IBM X-Force ID: 202006 • https://exchange.xforce.ibmcloud.com/vulnerabilities/202006 •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2021-29692
https://notcve.org/view.php?id=CVE-2021-29692
20 May 2021 — IBM Security Identity Manager 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 200253. IBM Security Identity Manager versión 7.0.2, podría permitir a un atacante remoto obtener información confidencial, causada por el fallo al habilitar apropiadamente HTTP Strict Transport Security. U... • https://exchange.xforce.ibmcloud.com/vulnerabilities/200253 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-29691
https://notcve.org/view.php?id=CVE-2021-29691
20 May 2021 — IBM Security Identity Manager 7.0.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 200252. IBM Security Identity Manager versión 7.0.2, contiene credenciales embebidas, como una contraseña o clave criptográfica, que usa para su propia autenticación entrante, comunicación saliente a componentes externos o cifrado de datos internos. IB... • https://exchange.xforce.ibmcloud.com/vulnerabilities/200252 • CWE-798: Use of Hard-coded Credentials •