Total
450 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-4357 | 1 Ibm | 1 Spectrum Scale | 2024-11-21 | 4.3 Medium |
| IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 178761. | ||||
| CVE-2020-4341 | 1 Ibm | 1 Security Secret Server | 2024-11-21 | 5.3 Medium |
| IBM Security Secret Server 10.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 178181. | ||||
| CVE-2020-4327 | 1 Ibm | 1 Security Secret Server | 2024-11-21 | 5.3 Medium |
| IBM Security Secret Server 10.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 177599. | ||||
| CVE-2020-4319 | 1 Ibm | 1 Mq Appliance | 2024-11-21 | 4.3 Medium |
| IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 LTS, and 9.1 CD could allow under special circumstances, an authenticated user to obtain sensitive information due to a data leak from an error message within the pre-v7 pubsub logic. IBM X-Force ID: 177402. | ||||
| CVE-2020-4277 | 1 Ibm | 1 Tririga Application Platform | 2024-11-21 | 7.5 High |
| IBM TRIRIGA Application Platform 3.5.3 and 3.6.1 discloses sensitive information in error messages that could aid an attacker formulate future attacks. IBM X-Force ID: 175993. | ||||
| CVE-2020-4248 | 1 Ibm | 1 Security Identity Governance And Intelligence | 2024-11-21 | 2.7 Low |
| IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 175484. | ||||
| CVE-2020-4239 | 1 Ibm | 1 Tivoli Netcool\/impact | 2024-11-21 | 5.3 Medium |
| IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 175412. | ||||
| CVE-2020-4166 | 1 Ibm | 1 Security Guardium Insights | 2024-11-21 | 5.3 Medium |
| IBM Security Guardium Insights 2.0.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 174402. | ||||
| CVE-2020-4164 | 1 Ibm | 1 Security Information Queue | 2024-11-21 | 2.7 Low |
| IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could expose sensitive information from applicatino errors which could be used in further attacks against the system. IBM X-Force ID: 174400. | ||||
| CVE-2020-4085 | 1 Hcltech | 1 Connections | 2024-11-21 | 6.5 Medium |
| "HCL Connections is vulnerable to possible information leakage and could disclose sensitive information via stack trace to a local user." | ||||
| CVE-2020-35177 | 1 Hashicorp | 1 Vault | 2024-11-21 | 5.3 Medium |
| HashiCorp Vault and Vault Enterprise 1.4.1 and newer allowed the enumeration of users via the LDAP auth method. Fixed in 1.5.6 and 1.6.1. | ||||
| CVE-2020-2505 | 1 Qnap | 1 Qes | 2024-11-21 | 2.3 Low |
| If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later. | ||||
| CVE-2020-27015 | 1 Trendmicro | 1 Antivirus | 2024-11-21 | 4.4 Medium |
| Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure vulnerability that if exploited, could allow kernel pointers and debug messages to leak to userland. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2020-25778 | 1 Trendmicro | 1 Antivirus | 2024-11-21 | 6.0 Medium |
| Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in a specific kernel extension where an attacker could supply a kernel pointer and leak several bytes of memory. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2020-25640 | 1 Redhat | 5 Jboss Enterprise Application Platform, Jboss Fuse, Openshift Application Runtimes and 2 more | 2024-11-21 | 5.3 Medium |
| A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file. | ||||
| CVE-2020-25633 | 2 Quarkus, Redhat | 7 Quarkus, Jboss Enterprise Application Platform, Jboss Fuse and 4 more | 2024-11-21 | 5.3 Medium |
| A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow client users to obtain the server's potentially sensitive information when the server got WebApplicationException from the RESTEasy client call. The highest threat from this vulnerability is to data confidentiality. | ||||
| CVE-2020-24925 | 1 Elkarbackup | 1 Elkarbackup | 2024-11-21 | 7.5 High |
| A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker is able to view the path of the source code jobs/sort where entire source code path is displayed in the browser itself helping the attacker identify the code structure /app/elkarbackup/src/Binovo/ElkarBackupBundle/Controller/DefaultController.php | ||||
| CVE-2020-23995 | 1 Ilias | 1 Ilias | 2024-11-21 | 6.5 Medium |
| An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and 6.0 allows remote authenticated attackers to get the upload data path via a workspace upload. | ||||
| CVE-2020-20470 | 1 White Shark Systems Project | 1 White Shark Systems | 2024-11-21 | 5.3 Medium |
| White Shark System (WSS) 1.3.2 has web site physical path leakage vulnerability. | ||||
| CVE-2020-1717 | 1 Redhat | 4 Jboss Fuse, Keycloak, Openshift Application Runtimes and 1 more | 2024-11-21 | 2.7 Low |
| A flaw was found in Keycloak 7.0.1. A logged in user can do an account email enumeration attack. | ||||