Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:sparc:*
There are 38 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2020-4578

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 184433.

Published: September 10, 2020; 1:15:33 PM -0400
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2020-4559

IBM Spectrum Protect 7.1 and 8.1 could allow an attacker to cause a denial of service due ti improper validation of user-supplied input. IBM X-Force ID: 183613.

Published: August 28, 2020; 11:15:12 AM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2020-4320

IBM MQ Appliance and IBM MQ AMQP Channels 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD do not correctly block or allow clients based on the certificate distinguished name SSLPEER setting. IBM X-Force ID: 177403.

Published: June 16, 2020; 10:15:11 AM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2020-4310

IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are vulnerable to a denial of service attack due to an error within the Data Conversion logic. IBM X-Force ID: 177081.

Published: June 16, 2020; 10:15:11 AM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2020-4365

IBM WebSphere Application Server 8.5 is vulnerable to server-side request forgery. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 178964.

Published: May 14, 2020; 12:15:15 PM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2020-4299

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 could expose sensitive information to a user through a specially crafted HTTP request. IBM X-Force ID: 176606.

Published: May 14, 2020; 12:15:15 PM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2020-4259

IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 could allow an authenticated user could manipulate cookie information and remove or add modules from the cookie to access functionality not authorized to. IBM X-Force ID: 175638.

Published: May 14, 2020; 12:15:14 PM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2020-11582

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, launches a TCP server that accepts local connections on a random port. This can be reached by local HTTP clients, because up to 25 invalid lines are ignored, and because DNS rebinding can occur. (This server accepts, for example, a setcookie command that might be relevant to CVE-2020-11581 exploitation.)

Published: April 06, 2020; 5:15:13 PM -0400
V3.1: 8.8 HIGH
V2.0: 3.3 LOW
CVE-2020-11581

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, allows a man-in-the-middle attacker to perform OS command injection attacks (against a client) via shell metacharacters to the doCustomRemediateInstructions method, because Runtime.getRuntime().exec() is used.

Published: April 06, 2020; 5:15:13 PM -0400
V3.1: 8.1 HIGH
V2.0: 9.3 HIGH
CVE-2020-11580

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, accepts an arbitrary SSL certificate.

Published: April 06, 2020; 5:15:13 PM -0400
V3.1: 9.1 CRITICAL
V2.0: 6.4 MEDIUM
CVE-2019-4681

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 171734.

Published: March 24, 2020; 12:15:12 PM -0400
V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2019-4719

IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data.

Published: March 16, 2020; 12:15:12 PM -0400
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2019-4656

IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD is vulnerable to a denial of service attack that would allow an authenticated user to crash the queue and require a restart due to an error processing error messages. IBM X-Force ID: 170967.

Published: March 16, 2020; 12:15:12 PM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2019-4619

IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace. IBM X-Force ID: 168862.

Published: March 16, 2020; 12:15:12 PM -0400
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2018-21033

A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00 and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00 allow authenticated remote users to load an arbitrary Cascading Style Sheets (CSS) token sequence. Hitachi Command Suite includes Hitachi Device Manager, Hitachi Tiered Storage Manager, Hitachi Replication Manager, Hitachi Tuning Manager, Hitachi Global Link Manager and Hitachi Compute Systems Manager.

Published: February 14, 2020; 11:15:09 AM -0500
V3.1: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2018-21032

A vulnerability in Hitachi Command Suite prior to 8.7.1-00 and Hitachi Automation Director prior to 8.5.0-00 allow authenticated remote users to expose technical information through error messages. Hitachi Command Suite includes Hitachi Device Manager and Hitachi Compute Systems Manager.

Published: February 14, 2020; 11:15:09 AM -0500
V3.1: 4.3 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2019-4614

IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS client connecting to a Queue Manager could cause a SIGSEGV denial of service caused by converting an invalid message. IBM X-Force ID: 168639.

Published: January 28, 2020; 2:15:13 PM -0500
V3.1: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2019-4568

IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS could allow a remote attacker with intimate knowledge of the server to cause a denial of service when receiving data on the channel. IBM X-Force ID: 166629.

Published: January 28, 2020; 2:15:13 PM -0500
V3.1: 5.9 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2019-17360

A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 allows an unauthenticated remote user to trigger a denial of service (DoS) condition because of Uncontrolled Resource Consumption.

Published: November 12, 2019; 1:15:11 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2018-21026

A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.6.5-00 allows an unauthenticated remote user to read internal information.

Published: November 12, 2019; 1:15:10 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM