IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to escalate their privileges to administrator due to insufficient authorization checks. IBM X-Force ID: 184981. Date published : 2020-09-22 https://www.ibm.com/support/pages/node/6335281 https://exchange.xforce.ibmcloud.com/vulnerabilities/184981
IBM Data Risk Manager (iDNA) 2.0.6 could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially-crafted HTTP request, a remote attacker could...
IBM Data Risk Manager (iDNA) 2.0.6 stores user credentials in plain in clear text which can be read by an authenticated user. IBM X-Force ID: 184976. Date published : 2020-09-22 https://www.ibm.com/support/pages/node/6335281 https://exchange.xforce.ibmcloud.com/vulnerabilities/184976
IBM Data Risk Manager (iDNA) 2.0.6 could allow a privileged user to cause a denial of service due to improper input validation. IBM X-Force ID: 184937. Date published : 2020-09-22 https://www.ibm.com/support/pages/node/6335281 https://exchange.xforce.ibmcloud.com/vulnerabilities/184937
IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID:...
IBM Data Risk Manager (iDNA) 2.0.6 could disclose sensitive username information to an attacker using a specially crafted HTTP request. IBM X-Force ID: 184929. Date published : 2020-09-22 https://www.ibm.com/support/pages/node/6335281 https://exchange.xforce.ibmcloud.com/vulnerabilities/184929
IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...
IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 184927. Date published : 2020-09-22 https://www.ibm.com/support/pages/node/6335281 https://exchange.xforce.ibmcloud.com/vulnerabilities/184927
IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184925. Date published : 2020-09-22 https://www.ibm.com/support/pages/node/6335281 https://exchange.xforce.ibmcloud.com/vulnerabilities/184925
IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to obtain sensitive information using a specially crafted HTTP request. IBM X-Force ID: 184924. Date published : 2020-09-22 https://www.ibm.com/support/pages/node/6335281 https://exchange.xforce.ibmcloud.com/vulnerabilities/184924
IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to bypass security and execute actions reserved for admins. IBM X-Force ID: 184922. Date published : 2020-09-22 https://www.ibm.com/support/pages/node/6335281 https://exchange.xforce.ibmcloud.com/vulnerabilities/184922
VMware Horizon DaaS (7.x and 8.x before 8.0.1 Update 1) contains a broken authentication vulnerability due to a flaw in the way it handled the first factor authentication. Successful exploitation of this issue may...
Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or...
A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal...