149 matches found
Security Bulletin: IBM Security Guardium is affected by a Cross-Site Scripting vulnerability
Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2020-4182 DESCRIPTION: IBM Security Guardium is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend...
Security Bulletin: IBM Security Guardium is affected by a Use of Insufficiently Random Value vulnerability
Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2020-4188 DESCRIPTION: IBM Security Guardium may use insufficiently random numbers or values in a security context that depends on unpredictable numbers. CVSS Base score: 5.3 CVSS Temporal...
Security Bulletin: IBM Security Guardium is affected by an Improper Restriction of Excessive Authentication Attempts vulnerability
Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2020-4193 DESCRIPTION: IBM Security Guardium uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. CVSS Base score: 4.4 CVSS...
Security Bulletin: IBM Security Guardium is affected by a Use of a Broken or Risky Cryptographic Algorithm vulnerability
Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2020-4191 DESCRIPTION: IBM Security Guardium uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CVSS Base score: 4.1 CV...
Security Bulletin: IBM Security Guardium is affected by a kernel vulnerability
Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2019-10126 DESCRIPTION: Linux Kernel is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the marvell wifi chip driver. By using a specially-crafted call, a local attacker...
Security Bulletin: IBM Security Guardium is affected by kernel vulnerabilities
Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2018-16871 DESCRIPTION: A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS...
Security Bulletin: IBM Security Guardium is affected by an OpenSSL vulnerability
Summary IBM Security Guardium has addressed the following vulnerability Vulnerability Details CVEID: CVE-2019-1559 DESCRIPTION: If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond...
CVE-2020-5983
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to write to a memory location that is outside the intended boundary of the frame buffer memory allocated to guest operating systems, which may lead to denial of...
CVE-2020-5984
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service, code execution, and information disclosure. This affects vGPU version 8.x prior to 8.5, version 10.x prio...
Design/Logic Flaw
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 8.x prior to 8.5, version 10.x prior to 10.4 and version 11.0...
Design/Logic Flaw
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x prior to 8.5, version 10.x prior to 10.4 and version 11.0...
Design/Logic Flaw
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service, code execution, and information disclosure. This affects vGPU version 8.x prior to 8.5, version 10.x prio...
CVE-2020-5985
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x prior to 8.5, version 10.x prior to 10.4 and version 11.0...
CVE-2020-5986
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x prior to 8.5, version 10.x prior to 10.4 and version 11.0...
Citrix SD-WAN WANOP Multiple Vulnerabilities (CTX281474)
The remote Citrix SD-WAN WANOP device is version 10.2.x prior to 10.2.7b, 11.0.x prior to 11.0.3f, 11.1.x prior to 11.1.2a, 11.2.x prior to 11.2.1a. It is, therefore, affected by multiple vulnerabilities: - A denial of service DoS vulnerability originating from the management network. CVE-2020-82...
version-11-0.string-db.org Cross Site Scripting vulnerability OBB-1347515
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Cisco Data Center Network Manager Privilege Escalation (cisco-sa-20180905-cdcnm-escalation)
According to its self-reported version, Cisco Data Center Network Manager is prior to version 11.01 and is, therefore, affected by a privilege escalation vulnerability in the web-based management interface due to incomplete validation of user input. An authenticated attacker could exploit this...
CVE-2019-4366
IBM Cognos Analytics 11.0 and 11.1 is susceptible to an information disclosure vulnerability where an attacker could gain access to cached browser data. IBM X-Force ID: 161748...
Intel Active Management Technology Information Disclosure Vulnerability (INTEL-SA-00295)
Intel Active Management Technology AMT is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
Avaya IP Office 9.x < 10.1.0.8, 11.0 < 11.0.4.3 Information Disclosure Vulnerability
Avaya IP Office is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...