cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2012-3341,https://securityvulnerability.io/vulnerability/CVE-2012-3341,,"IBM InfoSphere Guardium 7.0, 8.0, 8.01, and 8.2 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM X-Force ID: 78294.",IBM,Infosphere Guardium,6.4,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2020-09-01T17:15:00.000Z,0
CVE-2012-3338,https://securityvulnerability.io/vulnerability/CVE-2012-3338,,"IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to bypass security restrictions, caused by improper restrictions on the create new user account functionality. An attacker could exploit this vulnerability to create unprivileged user accounts. IBM X-Force ID: 78286.",IBM,Infosphere Guardium,3.7,LOW,0.000750000006519258,false,,false,false,false,,,false,false,,2020-09-01T17:15:00.000Z,0
CVE-2012-3340,https://securityvulnerability.io/vulnerability/CVE-2012-3340,,"IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to XML external entity injection, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 78291.",IBM,Infosphere Guardium,4.3,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2020-09-01T17:15:00.000Z,0
CVE-2012-3337,https://securityvulnerability.io/vulnerability/CVE-2012-3337,,"IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing &quot;dot dot&quot; sequences (/../) to download arbitrary files on the system. IBM X-Force ID: 78284.",IBM,Infosphere Guardium,5.3,MEDIUM,0.0008200000156648457,false,,false,false,false,,,false,false,,2020-09-01T16:15:00.000Z,0
CVE-2012-3336,https://securityvulnerability.io/vulnerability/CVE-2012-3336,,"IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to multiple scripts, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 78282.",IBM,Infosphere Guardium,6.3,MEDIUM,0.0010499999625608325,false,,false,false,false,,,false,false,,2020-09-01T16:15:00.000Z,0
CVE-2020-4173,https://securityvulnerability.io/vulnerability/CVE-2020-4173,,IBM Guardium Activity Insights 10.6 and 11.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 174682.,IBM,Infosphere Guardium Activity Monitor,3.1,LOW,0.0007999999797903001,false,,false,false,false,,,false,false,,2020-07-09T19:15:00.000Z,0
CVE-2013-0490,https://securityvulnerability.io/vulnerability/CVE-2013-0490,,Unspecified vulnerability in IBM InfoSphere Guardium S-TAP 8.1 for DB2 on z/OS allows local users to gain privileges via unknown vectors.,IBM,Infosphere Guardium,,,0.0004199999966658652,false,,false,false,false,,,false,false,,2013-02-27T21:00:00.000Z,0
CVE-2012-3312,https://securityvulnerability.io/vulnerability/CVE-2012-3312,,"The datasource definition editor in IBM InfoSphere Guardium 8.2 and earlier, when the save-password setting is enabled, transmits cleartext database credentials, which allows remote attackers to obtain sensitive information by sniffing the network.",IBM,Infosphere Guardium,,,0.002139999996870756,false,,false,false,false,,,false,false,,2012-08-29T22:00:00.000Z,0
CVE-2012-3309,https://securityvulnerability.io/vulnerability/CVE-2012-3309,,"Cross-site request forgery (CSRF) vulnerability in the account-creation panel in IBM InfoSphere Guardium 8.2 and earlier, when the CSRF filtering (aka csrf_status) feature is disabled, allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.",IBM,Infosphere Guardium,,,0.0019000000320374966,false,,false,false,false,,,false,false,,2012-08-29T22:00:00.000Z,0