Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x-force vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2020-4561
IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all control requests in unauthenticated sessions. This allows a remote attacker who can access a valid CA endpoint to read and write files to the Cognos Analytics system. IBM X-Force ID: 183903.
Ibm Cognos Analytics 11.0.0
Ibm Cognos Analytics 11.1.0
Netapp Oncommand Insight -
10
CVSSv3
CVE-2019-4202
IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal is vulnerable to command injection. An attacker with a specially crafted request can run arbitrary code on the server and gain complete access to the system. IBM X-Force ID: 159123.
Ibm Api Connect
10
CVSSv3
CVE-2018-1722
IBM Security Access Manager Appliance 9.0.4.0 and 9.0.5.0 could allow remote code execution when Advanced Access Control or Federation services are running. IBM X-Force ID: 147370.
Ibm Security Access Manager 9.0.4.0
Ibm Security Access Manager 9.0.5.0
9.9
CVSSv3
CVE-2019-4013
IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887.
Ibm Bigfix Platform
1 EDB exploit
9.9
CVSSv3
CVE-2018-1969
IBM Security Identity Manager 6.0.0 allows the malicious user to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 153750.
Ibm Security Identity Manager
9.9
CVSSv3
CVE-2018-1789
IBM API Connect v2018.1.0 through v2018.3.4 could allow an malicious user to send a specially crafted request to conduct a server side request forgery attack. IBM X-Force ID: 148939.
Ibm Api Connect
9.9
CVSSv3
CVE-2018-1712
IBM API Connect's Developer Portal 5.0.0.0 up to and including 5.0.8.3 is vulnerable to Server Side Request Forgery. An attacker, using specially crafted input parameters can trick the server into making potentially malicious calls within the trusted network. IBM X-Force ID:...
Ibm Api Connect
9.9
CVSSv3
CVE-2017-1253
IBM Security Guardium 10.0 could allow a remote authenticated malicious user to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 124633.
Ibm Security Guardium 10.0
Ibm Security Guardium 10.0.1
Ibm Security Guardium 10.1
Ibm Security Guardium 10.1.2
9.8
CVSSv3
CVE-2023-32328
IBM Security Verify Access 10.0.0.0 up to and including 10.0.6.1 uses insecure protocols in some instances that could allow an attacker on the network to take control of the server. IBM X-Force Id: 254957.
Ibm Security Verify Access
9.8
CVSSv3
CVE-2023-32330
IBM Security Verify Access 10.0.0.0 up to and including 10.0.6.1 uses insecure calls that could allow an attacker on the network to take control of the server. IBM X-Force ID: 254977.
Ibm Security Verify Access
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »