ReportizFlow
Filtered by vendor Ibm
Subscriptions
Total
8165 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-1337 | 1 Ibm | 1 Websphere Mq | 2025-04-20 | N/A |
| IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly transmit user credentials in plain text. IBM X-Force ID: 126245. | ||||
| CVE-2016-6030 | 1 Ibm | 1 Rational Collaborative Lifecycle Management | 2025-04-20 | N/A |
| IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2017-1538 | 1 Ibm | 1 Financial Transaction Manager | 2025-04-20 | N/A |
| IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive information from an undocumented URL. IBM X-Force ID: 130735. | ||||
| CVE-2016-6077 | 1 Ibm | 1 Cognos Disclosure Management | 2025-04-20 | N/A |
| IBM Cognos Disclosure Management 10.2 could allow a malicious attacker to execute commands as a lower privileged user that opens a malicious document. IBM Reference #: 1991584. | ||||
| CVE-2017-1276 | 1 Ibm | 2 Rational Doors Next Generation, Rational Requirements Composer | 2025-04-20 | N/A |
| IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124751. | ||||
| CVE-2016-0356 | 1 Ibm | 1 Sametime | 2025-04-20 | N/A |
| IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-site request forgery. IBM X-Force ID: 111895. | ||||
| CVE-2016-0358 | 1 Ibm | 1 Sametime | 2025-04-20 | N/A |
| IBM Sametime 8.5.2 and 9.0 could allow an unauthorized authenticated user to enumerate group chat ID numbers and join meetings that he was not invited to. IBM X-Force ID: 111928. | ||||
| CVE-2017-1212 | 1 Ibm | 1 Daeja Viewone | 2025-04-20 | N/A |
| IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 is vulnerable to a denial of service when viewing or opening a large file. IBM X-Force ID: 123852. | ||||
| CVE-2017-1274 | 1 Ibm | 1 Domino | 2025-04-20 | N/A |
| IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in the IMAP service that could allow an authenticated attacker to execute arbitrary code by specifying a large mailbox name. IBM X-Force ID: 124749. | ||||
| CVE-2017-1161 | 1 Ibm | 1 Api Connect | 2025-04-20 | N/A |
| IBM API Connect 5.0.6.0 could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of URLs for the Developer Portal. By crafting a malicious URL, an attacker could exploit this vulnerability to execute arbitrary commands on the system with the privileges of the www-data user. IBM X-Force ID: 122956. | ||||
| CVE-2017-1349 | 1 Ibm | 1 Sterling B2b Integrator | 2025-04-20 | N/A |
| IBM Sterling B2B Integrator Standard Edition 5.2 stores potentially sensitive information from HTTP sessions that could be read by a local user. IBM X-Force ID: 126525. | ||||
| CVE-2016-5900 | 1 Ibm | 1 Tealeaf Customer Experience On Cloud Network Capture Add-on | 2025-04-20 | N/A |
| IBM Tealeaf Customer Experience on Cloud Network Capture Add-On could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the TLS certificate. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. | ||||
| CVE-2017-1378 | 1 Ibm | 1 Tivoli Storage Manager | 2025-04-20 | N/A |
| IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. IBM X-Force ID: 126875. | ||||
| CVE-2017-1698 | 1 Ibm | 1 Websphere Portal | 2025-04-20 | N/A |
| IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could reveal sensitive information from an error message that could lead to further attacks against the system. IBM X-Force ID: 124390. | ||||
| CVE-2017-1153 | 1 Ibm | 1 Tririga Application Platform | 2025-04-20 | N/A |
| IBM TRIRIGA Report Manager 3.2 through 3.5 contains a vulnerability that could allow an authenticated user to execute actions that they do not have access to. IBM Reference #: 1999563. | ||||
| CVE-2017-1269 | 1 Ibm | 1 Security Guardium | 2025-04-20 | N/A |
| IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-force ID: 124744 | ||||
| CVE-2017-1101 | 1 Ibm | 1 Rational Quality Manager | 2025-04-20 | N/A |
| IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120662. | ||||
| CVE-2017-1342 | 1 Ibm | 1 Insights Foundation For Energy | 2025-04-20 | N/A |
| IBM Insights Foundation for Energy 2.0 could reveal sensitive information in error messages to authenticated users that could e used to conduct further attacks. IBM X-Force ID: 126457. | ||||
| CVE-2017-1223 | 1 Ibm | 1 Bigfix Platform | 2025-04-20 | N/A |
| IBM Tivoli Endpoint Manager could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 123902. | ||||
| CVE-2017-1696 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2025-04-20 | N/A |
| IBM QRadar 7.2 and 7.3 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 134178. | ||||