cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-20368,https://securityvulnerability.io/vulnerability/CVE-2021-20368,,IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195357.,IBM,Cloud Pak For Applications,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2021-07-13T16:15:00.000Z,0
CVE-2021-20366,https://securityvulnerability.io/vulnerability/CVE-2021-20366,,IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195037.,IBM,Cloud Pak For Applications,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2021-07-13T16:15:00.000Z,0
CVE-2021-20422,https://securityvulnerability.io/vulnerability/CVE-2021-20422,,IBM Cloud Pak for Applications 4.3 could disclose sensitive information to a malicious attacker by accessing data stored in memory. IBM X-Force ID: 196304.,IBM,Cloud Pak For Applications,7.5,HIGH,0.001069999998435378,false,,false,false,false,,,false,false,,2021-07-13T16:15:00.000Z,0
CVE-2021-20423,https://securityvulnerability.io/vulnerability/CVE-2021-20423,,IBM Cloud Pak for Applications 4.3 could allow an authenticated user gain escalated privilesges due to improper application permissions. IBM X-Force ID: 196308.,IBM,Cloud Pak For Applications,8.8,HIGH,0.0009200000204145908,false,,false,false,false,,,false,false,,2021-07-13T16:15:00.000Z,0
CVE-2021-20424,https://securityvulnerability.io/vulnerability/CVE-2021-20424,,IBM Cloud Pak for Applications 4.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. X-Force ID: 196309.,IBM,Cloud Pak For Applications,4.3,MEDIUM,0.0007600000244565308,false,,false,false,false,,,false,false,,2021-07-13T16:15:00.000Z,0
CVE-2021-20369,https://securityvulnerability.io/vulnerability/CVE-2021-20369,,IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195361.,IBM,Cloud Pak For Applications,5.9,MEDIUM,0.001069999998435378,false,,false,false,false,,,false,false,,2021-07-13T16:15:00.000Z,0
CVE-2021-20360,https://securityvulnerability.io/vulnerability/CVE-2021-20360,,IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195031.,IBM,Cloud Pak For Applications,5.9,MEDIUM,0.001069999998435378,false,,false,false,false,,,false,false,,2021-07-13T16:15:00.000Z,0
CVE-2021-20361,https://securityvulnerability.io/vulnerability/CVE-2021-20361,,IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195032.,IBM,Cloud Pak For Applications,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2021-07-13T16:15:00.000Z,0
CVE-2021-20362,https://securityvulnerability.io/vulnerability/CVE-2021-20362,,IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195033.,IBM,Cloud Pak For Applications,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2021-07-13T16:15:00.000Z,0
CVE-2021-20363,https://securityvulnerability.io/vulnerability/CVE-2021-20363,,IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195034.,IBM,Cloud Pak For Applications,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2021-07-13T16:15:00.000Z,0
CVE-2021-20364,https://securityvulnerability.io/vulnerability/CVE-2021-20364,,IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195035.,IBM,Cloud Pak For Applications,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2021-07-13T16:15:00.000Z,0
CVE-2021-20365,https://securityvulnerability.io/vulnerability/CVE-2021-20365,,IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195036.,IBM,Cloud Pak For Applications,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2021-07-13T16:15:00.000Z,0
CVE-2020-4433,https://securityvulnerability.io/vulnerability/CVE-2020-4433,,"Certain IBM Aspera applications are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker with intimate knowledge of the server to execute arbitrary code on the system with the privileges of root or cause server to crash. IBM X-Force ID: 180814.",IBM,"Aspera Faspex On Demand,Aspera Server On Demand,Aspera High-speed Transfer Server For Cloud Pak For Integration (cp4i),Aspera High-speed Transfer Endpoint,Aspera Streaming,Aspera Transfer Cluster Manager,Aspera High-speed Transfer Server,Aspera Shares On Demand,Aspera Application Platform On Demand,Aspera Proxy Server",7.5,HIGH,0.014390000142157078,false,,false,false,false,,,false,false,,2020-06-10T13:15:00.000Z,0
CVE-2020-4435,https://securityvulnerability.io/vulnerability/CVE-2020-4435,,"Certain IBM Aspera applications are vulnerable to arbitrary memory corruption based on the product configuration, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service. IBM X-Force ID: 180901.",IBM,"Aspera Transfer Cluster Manager,Aspera High-speed Transfer Server,Aspera Shares On Demand,Aspera Application Platform On Demand,Aspera Proxy Server,Aspera Faspex On Demand,Aspera Server On Demand,Aspera High-speed Transfer Server For Cloud Pak For Integration (cp4i),Aspera Streaming,Aspera High-speed Transfer Endpoint",7.5,HIGH,0.00139999995008111,false,,false,false,false,,,false,false,,2020-06-10T13:15:00.000Z,0
CVE-2020-4436,https://securityvulnerability.io/vulnerability/CVE-2020-4436,,"Certain IBM Aspera applications are vulnerable to buffer overflow after valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code through a service. IBM X-Force ID: 180902.",IBM,"Aspera Faspex On Demand,Aspera High-speed Transfer Server For Cloud Pak For Integration (cp4i),Aspera High-speed Transfer Endpoint,Aspera Streaming,Aspera Server On Demand,Aspera Shares On Demand,Aspera Application Platform On Demand,Aspera Transfer Cluster Manager,Aspera High-speed Transfer Server,Aspera Proxy Server",8.8,HIGH,0.0018400000408291817,false,,false,false,false,,,false,false,,2020-06-10T13:15:00.000Z,0
CVE-2020-4434,https://securityvulnerability.io/vulnerability/CVE-2020-4434,,"Certain IBM Aspera applications are vulnerable to buffer overflow based on the product configuration and valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service. IBM X-Force ID: 180900.",IBM,"Aspera Shares On Demand,Aspera Application Platform On Demand,Aspera Transfer Cluster Manager,Aspera High-speed Transfer Server,Aspera Proxy Server,Aspera Faspex On Demand,Aspera High-speed Transfer Server For Cloud Pak For Integration (cp4i),Aspera High-speed Transfer Endpoint,Aspera Streaming,Aspera Server On Demand",7.5,HIGH,0.0018400000408291817,false,,false,false,false,,,false,false,,2020-06-10T13:15:00.000Z,0
CVE-2020-4432,https://securityvulnerability.io/vulnerability/CVE-2020-4432,,"Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API. IBM X-Force ID: 180810.",IBM,"Aspera Streaming,Aspera High-speed Transfer Endpoint,Aspera High-speed Transfer Server For Cloud Pak For Integration (cp4i),Aspera Server On Demand,Aspera Faspex On Demand,Aspera Proxy Server,Aspera Application Platform On Demand,Aspera Shares On Demand,Aspera High-speed Transfer Server,Aspera Transfer Cluster Manager",7.5,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2020-06-10T13:15:00.000Z,0