CVE-2021-20435
IBM Security Verify Bridge 1.0.5.0 does not properly validate a certificate which could allow a local attacker to obtain sensitive information that could aid in further attacks against the system. IBM X-Force ID: 196355.
Source: CVE-2021-20435
CVE-2020-4941
IBM Edge 4.2 could reveal sensitive version information about the server from error pages that could aid an attacker in further attacks against the system. IBM X-Force ID: 191941.
Source: CVE-2020-4941
CVE-2021-22276
The vulnerability allows a successful attacker to bypass the integrity check of FW uploaded to the free@home System Access Point.
Source: CVE-2021-22276
CVE-2021-20485
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 197667.
Source: CVE-2021-20485
CVE-2021-20434
IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 196346.
Source: CVE-2021-20434
CVE-2021-26794
Privilege escalation in ‘upload.php’ in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file.
Source: CVE-2021-26794
CVE-2020-4803
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189535.
Source: CVE-2020-4803
CVE-2020-4690
IBM Security Guardium 11.3 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 186697.
Source: CVE-2020-4690
CVE-2021-41428
Insecure permissions in Update Manager <= 5.8.0.2300 and DFL <= 12.5.1001.5 in DATEV programs v14.1 allows attacker to escalate privileges via insufficient configuration of service components.
Source: CVE-2021-41428
CVE-2021-41381
Payara Micro Community 5.2021.6 and below allows Directory Traversal.
Source: CVE-2021-41381