Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-09 | CVE-2020-4759 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Filenet Content Manager 5.5.4/5.5.5 IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. | 7.8 |
| 2020-10-30 | CVE-2020-4588 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM I2 Ibase 8.9.13 IBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. | 7.8 |
| 2020-10-30 | CVE-2020-4584 | Information Exposure Through an Error Message vulnerability in IBM I2 Ibase 8.9.13 IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 7.5 |
| 2020-10-29 | CVE-2020-4724 | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.0/9.2.1 IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
| 2020-10-29 | CVE-2020-4723 | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.0/9.2.1 IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
| 2020-10-29 | CVE-2020-4722 | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.0/9.2.1 IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
| 2020-10-29 | CVE-2020-4721 | Out-of-bounds Write vulnerability in IBM I2 Analysts Notebook 9.2.0/9.2.1 IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. | 7.8 |
| 2020-10-28 | CVE-2020-4767 | Out-of-bounds Read vulnerability in IBM Sterling Connect:Direct IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. | 7.5 |
| 2020-10-20 | CVE-2019-4680 | SQL Injection vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.2.2 is vulnerable to SQL injection. | 8.8 |
| 2020-10-16 | CVE-2020-4636 | Command Injection vulnerability in IBM Resilient Security Orchestration Automation and Response 38.2 IBM Resilient OnPrem 38.2 could allow a privileged user to inject malicious commands through Python3 scripting. | 7.2 |