Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database

CVE-2019-4349
PUBLISHED: 2020-11-03

IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 applications can be installed on a deprecated operating system version that could compromised the confidentiality and integrity of the service. IBM X-Force ID: 161486

CVE-2020-4649
PUBLISHED: 2020-11-03

IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace 57 could expose data to non-privleged users by not invalidating TM1Web user sessions. IBM X-Force ID: 186022.

CVE-2020-4785
PUBLISHED: 2020-11-03

IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim’s click action…

CVE-2020-6557
PUBLISHED: 2020-11-03

Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

CVE-2020-16002
PUBLISHED: 2020-11-03

Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here