Filtered by vendor Ibm
Subscribe
Total
8310 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-6079 | 1 Ibm | 2 Aix, Vios | 2026-06-17 | 7.2 HIGH | 7.8 HIGH |
| IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053. | |||||
| CVE-2016-6077 | 1 Ibm | 1 Cognos Disclosure Management | 2026-06-17 | 6.8 MEDIUM | 5.3 MEDIUM |
| IBM Cognos Disclosure Management 10.2 could allow a malicious attacker to execute commands as a lower privileged user that opens a malicious document. IBM Reference #: 1991584. | |||||
| CVE-2016-6072 | 1 Ibm | 12 Maximo Asset Management, Maximo For Aviation, Maximo For Life Sciences and 9 more | 2026-06-17 | 3.5 LOW | 5.4 MEDIUM |
| IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2016-6068 | 1 Ibm | 1 Urbancode Deploy | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| IBM UrbanCode Deploy could allow an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties. | |||||
| CVE-2016-6065 | 1 Ibm | 1 Security Guardium | 2026-06-17 | 7.2 HIGH | 7.8 HIGH |
| IBM Security Guardium Database Activity Monitor appliance could allow a local user to inject commands that would be executed as root. | |||||
| CVE-2016-6062 | 1 Ibm | 1 Resilient | 2026-06-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Resilient v26.0, v26.1, and v26.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference#: 213457065. | |||||
| CVE-2016-6061 | 1 Ibm | 1 Rational Collaborative Lifecycle Management | 2026-06-17 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2016-6060 | 1 Ibm | 2 Rational Doors Next Generation, Rational Requirements Composer | 2026-06-17 | 4.0 MEDIUM | 4.3 MEDIUM |
| An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547. | |||||
| CVE-2016-6059 | 1 Ibm | 3 Infosphere Datastage, Infosphere Information Server, Infosphere Information Server On Cloud | 2026-06-17 | 7.5 HIGH | 8.1 HIGH |
| IBM InfoSphere Information Server is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. | |||||
| CVE-2016-6056 | 1 Ibm | 1 Call Center For Commerce | 2026-06-17 | 3.5 LOW | 5.4 MEDIUM |
| IBM Call Center for Commerce 9.3 and 9.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000442. | |||||
| CVE-2016-6055 | 1 Ibm | 2 Rational Doors Next Generation, Rational Requirements Composer | 2026-06-17 | 3.5 LOW | 5.4 MEDIUM |
| IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1995515. | |||||
| CVE-2016-6054 | 1 Ibm | 1 Jazz Reporting Service | 2026-06-17 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2016-6047 | 1 Ibm | 1 Jazz Reporting Service | 2026-06-17 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2016-6046 | 1 Ibm | 1 Tivoli Storage Manager | 2026-06-17 | 3.5 LOW | 5.4 MEDIUM |
| IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2016-6045 | 1 Ibm | 1 Tivoli Storage Manager | 2026-06-17 | 6.8 MEDIUM | 8.8 HIGH |
| IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | |||||
| CVE-2016-6044 | 1 Ibm | 1 Tivoli Storage Manager | 2026-06-17 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Tivoli Storage Manager Operations Center could allow an authenticated attacker to enable or disable the application's REST API, which may let the attacker violate security policy. | |||||
| CVE-2016-6043 | 1 Ibm | 1 Tivoli Storage Manager | 2026-06-17 | 4.4 MEDIUM | 7.0 HIGH |
| Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being enforced. | |||||
| CVE-2016-6042 | 1 Ibm | 1 Security Appscan | 2026-06-17 | 9.3 HIGH | 7.3 HIGH |
| IBM AppScan Enterprise Edition could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of objects in memory. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system in the same context as the victim. | |||||
| CVE-2016-6040 | 1 Ibm | 1 Rational Collaborative Lifecycle Management | 2026-06-17 | 6.0 MEDIUM | 5.0 MEDIUM |
| IBM Jazz Foundation could allow an authenticated user to take over a previously logged in user due to session expiration not being enforced. | |||||
| CVE-2016-6039 | 1 Ibm | 1 Jazz Reporting Service | 2026-06-17 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
