Total
153 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-0845 | 1 Ibm | 2 Rational Doors Next Generation, Rational Requirements Composer | 2026-04-29 | 4.9 MEDIUM | N/A |
| Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. | |||||
| CVE-2014-0846 | 1 Ibm | 2 Rational Doors Next Generation, Rational Requirements Composer | 2026-04-29 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2014-0844 | 1 Ibm | 2 Rational Doors Next Generation, Rational Requirements Composer | 2026-04-29 | 3.5 LOW | N/A |
| Unspecified vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to read arbitrary data via unknown vectors. | |||||
| CVE-2017-1365 | 1 Ibm | 7 Rational Collaborative Lifecycle Management, Rational Doors Next Generation, Rational Engineering Lifecycle Manager and 4 more | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| IBM Team Concert (RTC including IBM Rational Collaborative Lifecycle Management 4.0, 5.0., and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID: 126858. | |||||
| CVE-2016-9748 | 1 Ibm | 2 Rational Doors Next Generation, Rational Requirements Composer | 2025-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system. | |||||
| CVE-2017-1127 | 1 Ibm | 2 Rational Doors Next Generation, Rational Requirements Composer | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2017-1251 | 1 Ibm | 7 Rational Collaborative Lifecycle Management, Rational Doors Next Generation, Rational Engineering Lifecycle Manager and 4 more | 2025-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. IBM X-Force ID: 124631. | |||||
| CVE-2016-9735 | 1 Ibm | 7 Rational Collaborative Lifecycle Management, Rational Doors Next Generation, Rational Engineering Lifecycle Manager and 4 more | 2025-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781, | |||||
| CVE-2017-1240 | 1 Ibm | 7 Rational Collaborative Lifecycle Management, Rational Doors Next Generation, Rational Engineering Lifecycle Manager and 4 more | 2025-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Rhapsody DM products could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124359. | |||||
| CVE-2016-9707 | 1 Ibm | 7 Rational Collaborative Lifecycle Management, Rational Doors Next Generation, Rational Engineering Lifecycle Manager and 4 more | 2025-04-20 | 7.5 HIGH | 8.1 HIGH |
| IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000784. | |||||
| CVE-2017-1338 | 1 Ibm | 2 Rational Doors Next Generation, Rational Requirements Composer | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126246. | |||||
| CVE-2017-1247 | 1 Ibm | 2 Rational Doors Next Generation, Rational Requirements Composer | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124627. | |||||
| CVE-2017-1678 | 1 Ibm | 1 Rational Doors Next Generation | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134000. | |||||
| CVE-2016-9700 | 1 Ibm | 7 Rational Collaborative Lifecycle Management, Rational Doors Next Generation, Rational Engineering Lifecycle Manager and 4 more | 2025-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. IBM X-Force ID: 119528. | |||||
| CVE-2017-1593 | 1 Ibm | 1 Rational Doors Next Generation | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132494. | |||||
| CVE-2017-1688 | 1 Ibm | 1 Rational Doors Next Generation | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134063. | |||||
| CVE-2017-1689 | 1 Ibm | 1 Rational Doors Next Generation | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134064. | |||||
| CVE-2016-9973 | 1 Ibm | 7 Rational Collaborative Lifecycle Management, Rational Doors Next Generation, Rational Engineering Lifecycle Manager and 4 more | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120209. | |||||
| CVE-2017-1560 | 1 Ibm | 1 Rational Doors Next Generation | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131759. | |||||
| CVE-2016-2987 | 1 Ibm | 6 Rational Doors Next Generation, Rational Engineering Lifecycle Manager, Rational Quality Manager and 3 more | 2025-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. | |||||