Vulnerabilities > IBM > Critical
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2020-11-30 | CVE-2020-4627 | Injection vulnerability in IBM Cloud PAK for Security 1.3.0.1 | IBM Cloud Pak for Security 1.3.0.1 (CP4S) is potentially vulnerable to CSV Injection. | 9.0 |
2020-11-09 | CVE-2020-4759 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Filenet Content Manager 5.5.4/5.5.5 | IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CSV Injection. | 9.3 |
2020-10-29 | CVE-2020-4724 | Classic Buffer Overflow vulnerability in IBM I2 Analysts Notebook 9.2.0/9.2.1 | IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 9.3 |
2020-10-29 | CVE-2020-4723 | Classic Buffer Overflow vulnerability in IBM I2 Analysts Notebook 9.2.0/9.2.1 | IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 9.3 |
2020-10-29 | CVE-2020-4722 | Classic Buffer Overflow vulnerability in IBM I2 Analysts Notebook 9.2.0/9.2.1 | IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 9.3 |
2020-10-29 | CVE-2020-4721 | Classic Buffer Overflow vulnerability in IBM I2 Analysts Notebook 9.2.0/9.2.1 | IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 9.3 |
2020-10-12 | CVE-2020-4302 | Improper Handling of Exceptional Conditions vulnerability in IBM Cognos Analytics | IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to execute arbitrary code on the system, caused by a CSV injection. | 9.3 |
2020-10-08 | CVE-2020-4280 | Deserialization of Untrusted Data vulnerability in IBM Qradar Security Information and Event Manager | IBM QRadar SIEM 7.3 and 7.4 could allow a remote attacker to execute arbitrary commands on the system, caused by insecure deserialization of user-supplied content by the Java deserialization function. | 9.0 |
2020-09-22 | CVE-2020-4620 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Data Risk Manager | IBM Data Risk Manager (iDNA) 2.0.6 could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions. | 9.0 |
2020-09-15 | CVE-2020-4521 | Deserialization of Untrusted Data vulnerability in IBM Maximo Asset Management | IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in Java. | 9.0 |