|
269751
|
5.4 |
MEDIUM
Network
|
ibm
|
maximo_asset_management
|
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5 before 7.5.0.9 IFIX007, and 7.6 before 7.6.0.5 FP005 allows remote authenticated users to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0399
|
2024-11-21 11:41 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269752
|
4.3 |
MEDIUM
Network
|
ibm
|
cognos_analytics
|
IBM Cognos Analytics (CA) 11.0 before 11.0.2 allows remote attackers to conduct content-spoofing attacks via a crafted URL.
|
CWE-20
Improper Input Validation
|
CVE-2016-0398
|
2024-11-21 11:41 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269753
|
9.8 |
CRITICAL
Network
|
ibm
|
watson_developer_cloud
|
The IBM Watson Developer Cloud services on Bluemix platforms do not properly generate random numbers for service-instance credentials, which makes it easier for remote attackers to defeat cryptograph…
|
CWE-284
Improper Access Control
|
CVE-2016-0391
|
2024-11-21 11:41 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269754
|
5.4 |
MEDIUM
Network
|
ibm
|
tririga_application_platform
|
Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0387
|
2024-11-21 11:41 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269755
|
8.0 |
HIGH
Network
|
ibm
|
tririga_application_platform
|
Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to hijack the auth…
|
CWE-352
Origin Validation Error
|
CVE-2016-0386
|
2024-11-21 11:41 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269756
|
8.8 |
HIGH
Network
|
ibm
|
messagesight
|
JMS Client in IBM MessageSight 1.1.x through 1.1.0.1, 1.2.x through 1.2.0.3, and 2.0.x through 2.0.0.0 allows remote authenticated users to obtain administrator privileges for executing arbitrary com…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-0375
|
2024-11-21 11:41 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269757
|
8.8 |
HIGH
Network
|
ibm
|
tririga_application_platform
|
The builder tools in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allow remote authenticated users to gain privileges for application modification v…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-0374
|
2024-11-21 11:41 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269758
|
5.9 |
MEDIUM
Network
|
ibm
|
urbancode_deploy
|
IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1, when agent-relay Codestation artifact caching is enabled, allows remote attackers to bypass authentication …
|
CWE-200
Information Exposure
|
CVE-2016-0365
|
2024-11-21 11:41 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269759
|
4.3 |
MEDIUM
Network
|
ibm
|
urbancode_deploy
|
IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 does not properly implement a logging-obfuscation feature for secure properties, which allows remote authent…
|
CWE-200
Information Exposure
|
CVE-2016-0364
|
2024-11-21 11:41 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269760
|
7.7 |
HIGH
Network
|
ibm
|
tririga_application_platform
|
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger ne…
|
NVD-CWE-Other
|
CVE-2016-0362
|
2024-11-21 11:41 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
