|
268341
|
8.8 |
HIGH
Network
|
ibm
|
kenexa_lcms_premier
|
IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trust…
|
CWE-352
Origin Validation Error
|
CVE-2016-5937
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268342
|
5.4 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5899
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268343
|
4.3 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Reporting Service (JRS) could allow a remote attacker to obtain sensitive information, caused by not restricting JSON serialization. By sending a direct request, an attacker could exploit th…
|
CWE-254
7PK - Security Features
|
CVE-2016-5898
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268344
|
5.4 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Reporting Service (JRS) is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the secur…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5897
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268345
|
5.3 |
MEDIUM
Network
|
ibm
|
maximo_for_transportation
maximo_for_life_sciences
maximo_for_oil_and_gas
maximo_for_aviation
maximo_asset_management
maximo_for_nuclear_power
|
IBM Maximo Asset Management could disclose sensitive information from a stack trace after submitting incorrect login onto Cognos browser.
|
CWE-200
Information Exposure
|
CVE-2016-5896
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268346
|
6.1 |
MEDIUM
Network
|
ibm
|
inotes
domino
|
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cred…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5884
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268347
|
6.1 |
MEDIUM
Network
|
ibm
|
inotes
domino
|
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cred…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5882
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268348
|
5.4 |
MEDIUM
Network
|
ibm
|
inotes
domino
|
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cred…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5880
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268349
|
5.9 |
MEDIUM
Network
|
openvpn
|
openvpn
|
OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-ov…
|
CWE-310
CWE-200
Cryptographic Issues
Information Exposure
|
CVE-2016-6329
|
2024-11-21 11:55 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268350
|
6.1 |
MEDIUM
Network
|
atlassian
|
jira
|
Cross-site scripting (XSS) vulnerability in includes/decorators/global-translations.jsp in Atlassian JIRA before 7.2.2 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6285
|
2024-11-21 11:55 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
