|
272881
|
6.2 |
MEDIUM
Local
|
ibm
|
personal_communications
|
IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging acces…
|
CWE-200
Information Exposure
|
CVE-2016-0321
|
2024-11-21 11:41 |
2016-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272882
|
4.3 |
MEDIUM
Network
|
ibm
|
security_identity_manager_adapter
|
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 allows remote attackers to conduct clickjacking attacks via a crafted web site.
|
CWE-284
Improper Access Control
|
CVE-2016-0357
|
2024-11-21 11:41 |
2016-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272883
|
7.4 |
HIGH
Local
|
ibm
|
security_identity_manager_adapter
|
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles session expiration, which allows remote attackers to hijack sessions by leveragin…
|
CWE-284
Improper Access Control
|
CVE-2016-0340
|
2024-11-21 11:41 |
2016-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272884
|
5.6 |
MEDIUM
Network
|
ibm
|
security_identity_manager_adapter
|
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles session identifiers after logout, which makes it easier for remote attackers to s…
|
CWE-284
Improper Access Control
|
CVE-2016-0339
|
2024-11-21 11:41 |
2016-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272885
|
6.2 |
MEDIUM
Local
|
ibm
|
security_identity_manager_adapter
|
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 allows local users to discover cleartext passwords by (1) reading a configuration file or (2…
|
CWE-200
Information Exposure
|
CVE-2016-0338
|
2024-11-21 11:41 |
2016-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272886
|
7.3 |
HIGH
Network
|
ibm
|
security_identity_manager_adapter
|
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles password creation, which makes it easier for remote attackers to obtain access by…
|
CWE-255
Credentials Management
|
CVE-2016-0330
|
2024-11-21 11:41 |
2016-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272887
|
5.4 |
MEDIUM
Network
|
ibm
|
bigfix_platform
|
Cross-site scripting (XSS) vulnerability in IBM BigFix Platform 9.x before 9.1.8 and 9.2.x before 9.2.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2016-0269
|
2024-11-21 11:41 |
2016-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272888
|
5.4 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
Cross-site scripting (XSS) vulnerability in the Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allows rem…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0350
|
2024-11-21 11:41 |
2016-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272889
|
8.8 |
HIGH
Network
|
ibm
|
jazz_reporting_service
|
The Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 maintain session ID validity after a logout action, wh…
|
CWE-284
Improper Access Control
|
CVE-2016-0315
|
2024-11-21 11:41 |
2016-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272890
|
6.5 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
The Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allow remote authenticated users to conduct clickjacki…
|
NVD-CWE-noinfo
|
CVE-2016-0314
|
2024-11-21 11:41 |
2016-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
