Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-4747
IBM Connect:Direct for UNIX 6.1.0, 6.0.0, 4.3.0, and 4.2.0 can allow a local or remote user to obtain an authenticated CLI session due to improper authentication methods. IBM X-Force ID: 188516.
Ibm Connect\\ Direct
9.8
CVSSv3
CVE-2020-25179
GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.
Gehealthcare 3.0t Signa Hdxt Firmware -
Gehealthcare 3.0t Signa Hd 16 Firmware -
Gehealthcare 3.0t Signa Hd 23 Firmware -
Gehealthcare 1.5t Brivo Mr355 Firmware -
Gehealthcare Optima Mr360 Firmware -
Gehealthcare Signa Hdi 1.5t Firmware -
Gehealthcare Signa Vibrant Firmware -
Gehealthcare Logiq 5 Bt03 Firmware -
Gehealthcare Logiq 7 Bt03 Firmware -
Gehealthcare Logiq 7 Bt04 Firmware -
Gehealthcare Logiq 7 Bt06 Firmware -
Gehealthcare Logiq 9 Bt02 Firmware -
Gehealthcare Logiq 9 Bt03 Firmware -
Gehealthcare Logiq 9 Bt04 Firmware -
Gehealthcare Logiq 9 Bt06 Firmware -
Gehealthcare Vivid I Bt06 Firmware -
Gehealthcare Vivid 7 Bt02 Firmware -
Gehealthcare Vivid 7 Bt06 Firmware -
Gehealthcare Echopac Bt06 Firmware -
Gehealthcare Image Vault Firmware -
Gehealthcare Voluson 730 Bt05 Firmware -
Gehealthcare Voluson 730 Bt08 Firmware -
1 Article
9.8
CVSSv3
CVE-2020-4854
IBM Spectrum Protect Plus 10.1.0 thorugh 10.1.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 190454.
Ibm Spectrum Protect Plus
9.8
CVSSv3
CVE-2020-4499
IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the authentication checks and gain access to applications. IBM X-Force ID: 182216.
Ibm Security Access Manager
Ibm Security Verify Access
9.8
CVSSv3
CVE-2020-4493
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow an malicious user to bypass authentication and issue commands using a specially crafted HTTP command. IBM X-Force ID: 181995.
Ibm Maximo Asset Management
9.8
CVSSv3
CVE-2019-0230
Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
Apache Struts
Oracle Financial Services Market Risk Measurement And Management 8.0.6
Oracle Communications Policy Management 12.5.0
Oracle Financial Services Data Integration Hub 8.0.6
Oracle Financial Services Data Integration Hub 8.0.3
Oracle Mysql Enterprise Monitor
10 Github repositories
1 Article
9.8
CVSSv3
CVE-2020-4693
IBM Spectrum Protect Operations Center 7.1.0.000 up to and including 7.1.10 and 8.1.0.000 up to and including 8.1.9 may allow an malicious user to execute arbitrary code on the system, caused by improper validation of data prior to export. IBM X-Force ID: 186782.
Ibm Spectrum Protect Operations Center
9.8
CVSSv3
CVE-2019-4694
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 171832.
Ibm Guardium Data Encryption 3.0.0.2
Ibm Guardium For Cloud Key Management
9.8
CVSSv3
CVE-2020-4589
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 184585.
Ibm Websphere Application Server
9.8
CVSSv3
CVE-2020-4459
IBM Security Verify Access 10.7 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 181395.
Ibm Security Secret Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »