Filtered by vendor Ibm
Subscriptions
Total
7875 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-3021 | 1 Ibm | 6 Security Access Manager 9.0 Firmware, Security Access Manager For Mobile 8.0 Firmware, Security Access Manager For Mobile Appliance and 3 more | 2025-04-20 | N/A |
| IBM Security Access Manager for Web could allow an authenticated attacker to obtain sensitive information from error message using a specially crafted HTTP request. | ||||
| CVE-2016-3022 | 1 Ibm | 6 Security Access Manager 9.0 Firmware, Security Access Manager For Mobile 8.0 Firmware, Security Access Manager For Mobile Appliance and 3 more | 2025-04-20 | 6.5 Medium |
| IBM Security Access Manager for Web could allow an authenticated user to gain access to highly sensitive information due to incorrect file permissions. | ||||
| CVE-2016-3018 | 1 Ibm | 3 Security Access Manager, Security Access Manager For Mobile, Security Access Manager For Web | 2025-04-20 | N/A |
| IBM Security Access Manager for Web is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2016-3031 | 1 Ibm | 1 Cognos Analytics | 2025-04-20 | N/A |
| IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998887. | ||||
| CVE-2016-3015 | 1 Ibm | 1 Cognos Analytics | 2025-04-20 | N/A |
| IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998887. | ||||
| CVE-2017-1133 | 1 Ibm | 2 Qradar Incident Forensics, Qradar Security Information And Event Manager | 2025-04-20 | N/A |
| IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1999534. | ||||
| CVE-2016-3034 | 1 Ibm | 1 Security Appscan Source | 2025-04-20 | N/A |
| IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information, which could allow a local attacker to decrypt information more easily. | ||||
| CVE-2017-1132 | 1 Ibm | 1 Sterling B2b Integrator | 2025-04-20 | N/A |
| IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 121418. | ||||
| CVE-2016-2987 | 1 Ibm | 6 Rational Doors Next Generation, Rational Engineering Lifecycle Manager, Rational Quality Manager and 3 more | 2025-04-20 | N/A |
| An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. | ||||
| CVE-2016-2980 | 1 Ibm | 1 Sametime | 2025-04-20 | N/A |
| The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site can inject their own script by exploiting a vulnerability in the way that the WebPlayer works. IBM X-Force ID: 113993. | ||||
| CVE-2016-2978 | 1 Ibm | 1 Sametime | 2025-04-20 | N/A |
| IBM Sametime 8.5.2 and 9.0 could store potentially sensitive information from the browser cache locally that could be available to a local user. IBM X-Force ID: 113938. | ||||
| CVE-2017-1190 | 1 Ibm | 1 Emptoris Strategic Supply Management | 2025-04-20 | N/A |
| IBM Emptoris Strategic Supply Management Platform 10.x and 10.1 could allow a local user with special access roles to execute arbitrary code on the system. By manipulating a configurable property, an attacker could exploit this vulnerability to gain full control over the system. IBM X-Force ID: 123559. | ||||
| CVE-2016-6080 | 1 Ibm | 1 Websphere Message Broker | 2025-04-20 | N/A |
| The WebAdmin context for WebSphere Message Broker allows directory listings which could disclose sensitive information to the attacker. | ||||
| CVE-2016-2977 | 1 Ibm | 1 Sametime | 2025-04-20 | N/A |
| IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a malicious user to lower other users hands in the meeting. IBM X-Force ID: 113937. | ||||
| CVE-2016-3035 | 1 Ibm | 1 Security Appscan Source | 2025-04-20 | N/A |
| IBM AppScan Source could reveal some sensitive information through the browsing of testlinks on the server. | ||||
| CVE-2016-2976 | 1 Ibm | 1 Sametime | 2025-04-20 | N/A |
| IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting invitee to obtain previously cleared sensitive information by viewing the meeting report history. IBM X-Force ID: 113936. | ||||
| CVE-2016-5932 | 1 Ibm | 1 Connections | 2025-04-20 | N/A |
| IBM Connections 4.0, 4.5, 5.0, and 5.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998294. | ||||
| CVE-2017-1321 | 1 Ibm | 2 Infosphere Information Server, Infosphere Information Server On Cloud | 2025-04-20 | 6.1 Medium |
| IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125916. | ||||
| CVE-2016-2965 | 1 Ibm | 1 Sametime | 2025-04-20 | N/A |
| IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious link, a remote attacker could force the user to log out of Sametime. IBM X-Force ID: 113846. | ||||
| CVE-2016-2966 | 1 Ibm | 1 Sametime | 2025-04-20 | N/A |
| IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to enumerate meeting rooms by guessing the meeting room id. IBM X-Force ID: 113847. | ||||