Total
214 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-20396 | 1 Ibm | 1 Security Qradar Analyst Workflow | 2024-11-21 | 2.1 LOW | 3.3 LOW |
IBM QRadar Analyst Workflow App 1.0 through 1.18.0 for IBM QRadar SIEM allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 196009. | |||||
CVE-2021-20391 | 1 Ibm | 1 Qradar User Behavior Analytics | 2024-11-21 | 2.1 LOW | 3.3 LOW |
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 195999. | |||||
CVE-2021-0639 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
In multiple functions of libl3oemcrypto.cpp, there is a possible weakness in the existing obfuscation mechanism due to the way sensitive data is handled. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-190724551 | |||||
CVE-2020-9202 | 1 Huawei | 1 Te Mobile | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
There is an information disclosure vulnerability in TE Mobile software versions V600R006C10,V600R006C10SPC100. Due to the improper storage of some information in certain specific scenario, the attacker can gain information in the victim's device to launch the attack, successful exploit could cause information disclosure. | |||||
CVE-2020-8482 | 1 Abb | 1 Device Library Wizard | 2024-11-21 | 2.1 LOW | 7.8 HIGH |
Insecure storage of sensitive information in ABB Device Library Wizard versions 6.0.X, 6.0.3.1 and 6.0.3.2 allows unauthenticated low privilege user to read file that contains confidential data | |||||
CVE-2020-8481 | 1 Abb | 1 800xa System | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, confidential data is written in an unprotected file. An attacker who successfully exploited this vulnerability could take full control of the computer. | |||||
CVE-2020-7000 | 1 Visam | 2 Vbase Editor, Vbase Web-remote | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow an unauthenticated attacker to discover the cryptographic key from the web server and gain information about the login and the encryption/decryption mechanism, which may be exploited to bypass authentication of the HTML5 HMI web interface. | |||||
CVE-2020-5262 | 1 Easybuild Project | 1 Easybuild | 2024-11-21 | 2.1 LOW | 7.7 HIGH |
In EasyBuild before version 4.1.2, the GitHub Personal Access Token (PAT) used by EasyBuild for the GitHub integration features (like `--new-pr`, `--fro,-pr`, etc.) is shown in plain text in EasyBuild debug log files. This issue is fixed in EasyBuild v4.1.2, and in the `master`+ `develop` branches of the `easybuild-framework` repository. | |||||
CVE-2020-5008 | 1 Ibm | 1 Datapower Gateway | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.14 stores sensitive information in GET request parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 193033. | |||||
CVE-2020-4906 | 1 Ibm | 1 Financial Transaction Manager For Multiplatform | 2024-11-21 | 2.1 LOW | 3.3 LOW |
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to be stored locally which can be read by another user on the system. | |||||
CVE-2020-4886 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 2.1 LOW | 3.3 LOW |
IBM InfoSphere Information Server 11.7 stores sensitive information in the browser's history that could be obtained by a user who has access to the same system. IBM X-Force ID: 190910. | |||||
CVE-2020-4871 | 1 Ibm | 1 Planning Analytics | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
IBM Planning Analytics 2.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 190834. | |||||
CVE-2020-4809 | 1 Ibm | 1 Edge Application Manager | 2024-11-21 | 2.1 LOW | 3.3 LOW |
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189633. | |||||
CVE-2020-4805 | 1 Ibm | 1 Edge Application Manager | 2024-11-21 | 2.1 LOW | 3.3 LOW |
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189539. | |||||
CVE-2020-4803 | 1 Ibm | 1 Edge Application Manager | 2024-11-21 | 2.1 LOW | 3.3 LOW |
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189535. | |||||
CVE-2020-4765 | 1 Ibm | 1 Cloud Pak For Multicloud Management | 2024-11-21 | 2.1 LOW | 3.3 LOW |
IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 188902. | |||||
CVE-2020-4726 | 1 Ibm | 1 Cloud Application Performance Management | 2024-11-21 | 2.1 LOW | 3.3 LOW |
The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 187975. | |||||
CVE-2020-4674 | 1 Ibm | 1 Workload Automation | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
IBM Workload Automation 9.5 stores the server path in URLs that could aid in further attacks against the system. IBM X-Force ID: 186287. | |||||
CVE-2020-4673 | 1 Ibm | 1 Workload Automation | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
IBM Workload Automation 9.5 stores sensitive information in HTML comments that could aid in further attacks against the system. IBM X-Force ID: 186286. | |||||
CVE-2020-4650 | 1 Ibm | 1 Maximo Spatial Asset Management | 2024-11-21 | 2.1 LOW | 3.3 LOW |
IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 186023. |