NotCVE - vendor:"Oracle" product:"Solaris"

Page 14 of 745 results (0.002 seconds)

CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0

CVE-2021-20354

https://notcve.org/view.php?id=CVE-2021-20354

18 Feb 2021 — IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 194883. IBM WebSphere Application Server versiones 8.0, 8.5 y 9.0, podría permitir a un atacante remoto un salto de directorio. Un atacante podría enviar una petición URL especialmente diseñada que contenga secuencias "dot dot" (/../) para visualizar ar... • https://exchange.xforce.ibmcloud.com/vulnerabilities/194883 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 8.2EPSS: 0%CPEs: 11EXPL: 0

CVE-2020-4949

https://notcve.org/view.php?id=CVE-2020-4949

26 Jan 2021 — IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192025. IBM WebSphere Application Server versiones 7.0, 8.0, 8.5 y 9.0, es vulnerable a un ataque de tipo XML External Entity Injection (XXE) al procesar datos XML. Un atacante remoto podría aprovechar esta vulnerabilidad para exponer... • https://exchange.xforce.ibmcloud.com/vulnerabilities/192025 • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2020-4762

https://notcve.org/view.php?id=CVE-2020-4762

05 Jan 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow an authenticated user to create a privileged account due to improper access controls. IBM X-Force ID: 188896. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 5.2.6.5_2, versiones 6.0.0.0 hasta 6.0.3.2 y 6.1.0.0, podría permitir a un usuario autenticado crear una cuenta con privilegios debido a controles de acceso inapropiados. IBM X-Force ID: 188896 • https://exchange.xforce.ibmcloud.com/vulnerabilities/188896 •

CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 0

CVE-2020-4761

https://notcve.org/view.php?id=CVE-2020-4761

05 Jan 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 188895. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 5.2.6.5_2, versiones 6.0.0.0 hasta 6.0.3.2 y 6.1.0.0, podría permitir a un atacante remoto conseguir informaci... • https://exchange.xforce.ibmcloud.com/vulnerabilities/188895 • CWE-209: Generation of Error Message Containing Sensitive Information •

CVSS: 9.0EPSS: 18%CPEs: 9EXPL: 0

CVE-2019-4728

https://notcve.org/view.php?id=CVE-2019-4728

05 Jan 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code with SYSTEM privileges. IBM X-Force ID: 172452. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 5.2.6.5_2, versiones 6.0.0.0 hasta 6.0.3.2 y 6.1.0.0, pod... • https://exchange.xforce.ibmcloud.com/vulnerabilities/172452 • CWE-502: Deserialization of Untrusted Data •

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2020-4870

https://notcve.org/view.php?id=CVE-2020-4870

21 Dec 2020 — IBM MQ 9.2 CD and LTS are vulnerable to a denial of service attack caused by an error processing connecting applications. IBM X-Force ID: 190833. IBM MQ versiones 9.2 CD y LTS, son vulnerables a un ataque de denegación de servicio causado por un error al procesar unas aplicaciones de conexión. IBM X-Force ID: 190833 • https://exchange.xforce.ibmcloud.com/vulnerabilities/190833 •

CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0

CVE-2020-4658

https://notcve.org/view.php?id=CVE-2020-4658

16 Dec 2020 — IBM Sterling File Gateway 2.2.0.0 through 6.0.3.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186095. IBM Sterling File Gateway versiones 2.2.0.0 hasta 6.0.3.2, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la interfa... • https://exchange.xforce.ibmcloud.com/vulnerabilities/186095 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0

CVE-2020-4657

https://notcve.org/view.php?id=CVE-2020-4657

16 Dec 2020 — IBM Sterling B2B Integrator 5.2.0.0 through 6.0.3.2 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186094. IBM Sterling B2B Integrator versiones 5.2.0.0 hasta 6.0.3.2, Standard Edition, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar cód... • https://exchange.xforce.ibmcloud.com/vulnerabilities/186094 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2019-4738

https://notcve.org/view.php?id=CVE-2019-4738

10 Dec 2020 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1 discloses sensitive information to an authenticated user from the dashboard UI which could be used in further attacks against the system. IBM X-Force ID: 172753. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 5.2.6.5 y versiones 6.0.0.0 hasta 6.0.3.1, revela información confidencial a un usuario autenticado desde la interfaz de usuario del panel de control que podría ser usado en nuevos ata... • https://exchange.xforce.ibmcloud.com/vulnerabilities/172753 • CWE-312: Cleartext Storage of Sensitive Information •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0

CVE-2020-4937

https://notcve.org/view.php?id=CVE-2020-4937

20 Nov 2020 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 191814. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 6.0.3.2, usa algoritmos criptográficos más débiles de lo esperado lo que podría permitir a un atacante descifrar información altamente confidencial. IBM X-Force ID: 191814 • https://exchange.xforce.ibmcloud.com/vulnerabilities/191814 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

1...12 13 14 15 16