CVE-2020-27990

Nagios XI before 5.7.5 is vulnerable to XSS in the Deployment tool (add agent).

Source: CVE-2020-27990

CVE-2020-4476

IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 181778.

Source: CVE-2020-4476

CVE-2020-4655

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 186091.

Source: CVE-2020-4655

CVE-2020-27991

Nagios XI before 5.7.5 is vulnerable to XSS in Account Information (Email field).

Source: CVE-2020-27991

CVE-2020-27989

Nagios XI before 5.7.5 is vulnerable to XSS in Dashboard Tools (Edit Dashboard).

Source: CVE-2020-27989

CVE-2020-27988

Nagios XI before 5.7.5 is vulnerable to XSS in Manage Users (Username field).

Source: CVE-2020-27988

CVE-2020-27627

JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection.

Source: CVE-2020-27627

CVE-2020-27622

In JetBrains IntelliJ IDEA before 2020.2, the built-in web server could expose information about the IDE version.

Source: CVE-2020-27622

CVE-2020-27623

JetBrains IdeaVim before version 0.58 might have caused an information leak in limited circumstances.

Source: CVE-2020-27623

CVE-2020-13769

LDMS/alert_log.aspx in Ivanti Endpoint Manager through 2020.1 allows SQL Injection via a /remotecontrolauth/api/device request.

Source: CVE-2020-13769