cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-29792,https://securityvulnerability.io/vulnerability/CVE-2021-29792,,"IBM Event Streams 10.0, 10.1, 10.2, and 10.3 could allow a user the CA private key to create their own certificates and deploy them in the cluster and gain privileges of another user. IBM X-Force ID: 203450.",IBM,Event Streams,4.7,MEDIUM,0.0009200000204145908,false,,false,false,false,,,false,false,,2021-07-12T16:15:00.000Z,0
CVE-2020-4662,https://securityvulnerability.io/vulnerability/CVE-2020-4662,,IBM Event Streams 10.0.0 could allow an authenticated user to perform tasks to a schema due to improper authentication validation. IBM X-Force ID: 186233.,IBM,Event Streams,6.5,MEDIUM,0.0009899999713525176,false,,false,false,false,,,false,false,,2020-08-14T13:15:00.000Z,0
CVE-2020-4434,https://securityvulnerability.io/vulnerability/CVE-2020-4434,,"Certain IBM Aspera applications are vulnerable to buffer overflow based on the product configuration and valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service. IBM X-Force ID: 180900.",IBM,"Aspera Shares On Demand,Aspera Application Platform On Demand,Aspera Transfer Cluster Manager,Aspera High-speed Transfer Server,Aspera Proxy Server,Aspera Faspex On Demand,Aspera High-speed Transfer Server For Cloud Pak For Integration (cp4i),Aspera High-speed Transfer Endpoint,Aspera Streaming,Aspera Server On Demand",7.5,HIGH,0.0018400000408291817,false,,false,false,false,,,false,false,,2020-06-10T13:15:00.000Z,0
CVE-2020-4435,https://securityvulnerability.io/vulnerability/CVE-2020-4435,,"Certain IBM Aspera applications are vulnerable to arbitrary memory corruption based on the product configuration, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service. IBM X-Force ID: 180901.",IBM,"Aspera Transfer Cluster Manager,Aspera High-speed Transfer Server,Aspera Shares On Demand,Aspera Application Platform On Demand,Aspera Proxy Server,Aspera Faspex On Demand,Aspera Server On Demand,Aspera High-speed Transfer Server For Cloud Pak For Integration (cp4i),Aspera Streaming,Aspera High-speed Transfer Endpoint",7.5,HIGH,0.00139999995008111,false,,false,false,false,,,false,false,,2020-06-10T13:15:00.000Z,0
CVE-2020-4436,https://securityvulnerability.io/vulnerability/CVE-2020-4436,,"Certain IBM Aspera applications are vulnerable to buffer overflow after valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code through a service. IBM X-Force ID: 180902.",IBM,"Aspera Faspex On Demand,Aspera High-speed Transfer Server For Cloud Pak For Integration (cp4i),Aspera High-speed Transfer Endpoint,Aspera Streaming,Aspera Server On Demand,Aspera Shares On Demand,Aspera Application Platform On Demand,Aspera Transfer Cluster Manager,Aspera High-speed Transfer Server,Aspera Proxy Server",8.8,HIGH,0.0018400000408291817,false,,false,false,false,,,false,false,,2020-06-10T13:15:00.000Z,0
CVE-2020-4433,https://securityvulnerability.io/vulnerability/CVE-2020-4433,,"Certain IBM Aspera applications are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker with intimate knowledge of the server to execute arbitrary code on the system with the privileges of root or cause server to crash. IBM X-Force ID: 180814.",IBM,"Aspera Faspex On Demand,Aspera Server On Demand,Aspera High-speed Transfer Server For Cloud Pak For Integration (cp4i),Aspera High-speed Transfer Endpoint,Aspera Streaming,Aspera Transfer Cluster Manager,Aspera High-speed Transfer Server,Aspera Shares On Demand,Aspera Application Platform On Demand,Aspera Proxy Server",7.5,HIGH,0.014390000142157078,false,,false,false,false,,,false,false,,2020-06-10T13:15:00.000Z,0
CVE-2020-4432,https://securityvulnerability.io/vulnerability/CVE-2020-4432,,"Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API. IBM X-Force ID: 180810.",IBM,"Aspera Streaming,Aspera High-speed Transfer Endpoint,Aspera High-speed Transfer Server For Cloud Pak For Integration (cp4i),Aspera Server On Demand,Aspera Faspex On Demand,Aspera Proxy Server,Aspera Application Platform On Demand,Aspera Shares On Demand,Aspera High-speed Transfer Server,Aspera Transfer Cluster Manager",7.5,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2020-06-10T13:15:00.000Z,0
CVE-2017-1713,https://securityvulnerability.io/vulnerability/CVE-2017-1713,,IBM InfoSphere Streams 4.2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 134632.,IBM,Streams,5.9,MEDIUM,0.0010600000387057662,false,,false,false,false,,,false,false,,2019-03-21T15:59:00.000Z,0
CVE-2018-1833,https://securityvulnerability.io/vulnerability/CVE-2018-1833,,"IBM Event Streams 2018.3.0 could allow a remote attacker to submit an API request with a fake Host request header. An attacker, who has already gained authorised access via the CLI, could exploit this vulnerability to spoof the request header. IBM X-Force ID: 150507.",IBM,Event Streams,5.3,MEDIUM,0.001120000029914081,false,,false,false,false,,,false,false,,2018-12-18T15:29:00.000Z,0
CVE-2017-1431,https://securityvulnerability.io/vulnerability/CVE-2017-1431,,"IBM InfoSphere Streams 4.0, 4.1, and 4.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127632.",IBM,Streams,5.4,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2017-08-08T00:00:00.000Z,0
CVE-2016-2867,https://securityvulnerability.io/vulnerability/CVE-2016-2867,,"IBM InfoSphere Streams before 4.0.1.2 and IBM Streams before 4.1.1.1 do not properly implement the runAsUser feature, which allows local users to obtain root group privileges via unspecified vectors.",IBM,"Streams,Infosphere Streams",7,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2016-07-02T14:00:00.000Z,0