Filtered by vendor Ibm
Subscribe
Total
7404 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-1433 | 1 Ibm | 1 Websphere Mq | 2025-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow an authenticated user to insert messages with a corrupt RFH header into the channel which would cause it to restart. IBM X-Force ID: 127803. | |||||
| CVE-2016-9718 | 1 Ibm | 1 Infosphere Master Data Management Server | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| IBM InfoSphere Master Data Management Server 10.1. 11.0. 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 119732. | |||||
| CVE-2017-1694 | 1 Ibm | 1 Integration Bus | 2025-04-20 | 4.3 MEDIUM | 8.1 HIGH |
| IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain in clear text which can be read by an attacker using man in the middle techniques. IBM X-Force ID: 134165. | |||||
| CVE-2016-6103 | 1 Ibm | 1 Security Key Lifecycle Manager | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | |||||
| CVE-2016-6115 | 1 Ibm | 2 General Parallel File System, Spectrum Scale | 2025-04-20 | 9.0 HIGH | 7.2 HIGH |
| IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash. | |||||
| CVE-2017-1189 | 1 Ibm | 1 Websphere Portal | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM WebSphere Portal and Web Content Manager 6.1, 7.0, and 8.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123558. | |||||
| CVE-2016-6056 | 1 Ibm | 1 Call Center For Commerce | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| IBM Call Center for Commerce 9.3 and 9.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000442. | |||||
| CVE-2017-1325 | 1 Ibm | 1 Inotes | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125976. | |||||
| CVE-2016-6100 | 1 Ibm | 2 Disposal And Governance Management For It, Global Retention Policy And Schedule Management | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| IBM Disposal and Governance Management for IT and IBM Global Retention Policy and Schedule Management, components of IBM Atlas Policy Suite 6.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #: 2000771. | |||||
| CVE-2016-3019 | 1 Ibm | 1 Security Access Manager 9.0 Firmware | 2025-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 114462. | |||||
| CVE-2016-9732 | 1 Ibm | 1 Curam Social Program Management | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| IBM Curam Social Program Management 6.0, 6.1, 6.2 and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 119761. | |||||
| CVE-2017-1254 | 1 Ibm | 1 Security Guardium | 2025-04-20 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Security Guardium 10.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 124634. | |||||
| CVE-2016-0228 | 1 Ibm | 1 Marketing Platform | 2025-04-20 | 4.9 MEDIUM | 5.4 MEDIUM |
| IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to redirect a victim to arbitrary Web sites. IBM X-Force ID: 110236. | |||||
| CVE-2016-9978 | 1 Ibm | 1 Curam Social Program Management | 2025-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Curam Social Program Management 5.2, 6.0, and 7.0 could allow an authenticated attacker to disclose sensitive information. IBM X-Force ID: 120254. | |||||
| CVE-2016-5881 | 1 Ibm | 1 Inotes | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2017-1457 | 1 Ibm | 1 Qradar Network Security | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM QRadar Network Security 5.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128376. | |||||
| CVE-2017-1269 | 1 Ibm | 1 Security Guardium | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-force ID: 124744 | |||||
| CVE-2016-3013 | 1 Ibm | 1 Websphere Mq | 2025-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661. | |||||
| CVE-2016-0396 | 1 Ibm | 1 Bigfix Platform | 2025-04-20 | 6.8 MEDIUM | 8.1 HIGH |
| IBM Tivoli Endpoint Manager could allow a user under special circumstances to inject commands that would be executed with unnecessary higher privileges than expected. | |||||
| CVE-2014-6191 | 1 Ibm | 1 Curam Social Program Management | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0 SP2, 6.0.4, and 6.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 98568. | |||||