|
273251
|
5.4 |
MEDIUM
Network
|
ibm
|
qradar_security_information_and_event_manager
|
Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.6 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified field.
|
CWE-79
Cross-site Scripting
|
CVE-2015-7409
|
2024-11-21 11:36 |
2016-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273252
|
4.3 |
MEDIUM
Network
|
ibm
|
b2b_advanced_communications
multi-enterprise_integration_gateway
|
IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.x before 1.0.0.4, when guest access is configured, allow remote authenticated users to obtain sensitive …
|
CWE-200
Information Exposure
|
CVE-2015-7445
|
2024-11-21 11:36 |
2016-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273253
|
3.7 |
LOW
Network
|
ibm
|
mq_appliance_m2000
|
Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7420.
|
CWE-200
Information Exposure
|
CVE-2015-7421
|
2024-11-21 11:36 |
2016-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273254
|
3.7 |
LOW
Network
|
ibm
|
mq_appliance_m2000
|
Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7421.
|
CWE-200
Information Exposure
|
CVE-2015-7420
|
2024-11-21 11:36 |
2016-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273255
|
5.4 |
MEDIUM
Network
|
ibm
|
urbancode_deploy
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM UrbanCode Deploy 6.0 before 6.0.1.12, 6.1 before 6.1.3.2, and 6.2 before 6.2.0.2 allow remote authenticated users to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7415
|
2024-11-21 11:36 |
2016-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273256
|
7.4 |
HIGH
Network
|
ibm
|
sterling_b2b_integrator
|
The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or …
|
CWE-17
Code
|
CVE-2015-7410
|
2024-11-21 11:36 |
2016-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273257
|
7.8 |
HIGH
Local
|
ibm
|
spss_statistics
|
IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses weak permissions (Everyone: Write) for Python scripts, which allows local users to gain privileges by modifying a script.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7489
|
2024-11-21 11:36 |
2016-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273258
|
6.8 |
MEDIUM
Network
|
ibm
|
business_process_manager
websphere_process_server
|
Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and Business Process Manager Advanced 7.5 through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.2, 8.5.5 through 8.5.5.0, and 8.5.6 …
|
CWE-17
Code
|
CVE-2015-7441
|
2024-11-21 11:36 |
2016-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273259
|
5.3 |
MEDIUM
Network
|
ibm
|
websphere_portal
|
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and 8.5.0 before CF09 allows remote attackers to bypass intended Po…
|
CWE-200
Information Exposure
|
CVE-2015-7447
|
2024-11-21 11:36 |
2015-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273260
|
8.0 |
HIGH
Network
|
zyxel
|
nbg-418n_firmware
nbg-418n
|
Cross-site request forgery (CSRF) vulnerability on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2015-7284
|
2024-11-21 11:36 |
2015-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
