Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-30 | CVE-2020-4584 | Information Exposure Through an Error Message vulnerability in IBM I2 Ibase 8.9.13 IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 7.5 |
| 2020-10-29 | CVE-2020-4724 | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.0/9.2.1 IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
| 2020-10-29 | CVE-2020-4723 | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.0/9.2.1 IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
| 2020-10-29 | CVE-2020-4722 | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.0/9.2.1 IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
| 2020-10-29 | CVE-2020-4721 | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.0/9.2.1 IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
| 2020-10-28 | CVE-2020-4767 | Out-of-bounds Read vulnerability in IBM Sterling Connect:Direct IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. | 7.5 |
| 2020-10-20 | CVE-2019-4680 | SQL Injection vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.2.2 is vulnerable to SQL injection. | 8.8 |
| 2020-10-16 | CVE-2020-4636 | Command Injection vulnerability in IBM Resilient Security Orchestration Automation and Response 38.2 IBM Resilient OnPrem 38.2 could allow a privileged user to inject malicious commands through Python3 scripting. | 7.2 |
| 2020-10-16 | CVE-2020-4254 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Guardium BIG Data Intelligence 1.0 IBM Security Guardium Big Data Intelligence 1.0 (SonarG) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2020-10-12 | CVE-2020-4388 | Improper Handling of Exceptional Conditions vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.0 and 11.1 could be vulnerable to a denial of service attack by failing to catch exceptions in a servlet also exposing debug information could also be used in future attacks. | 8.2 |