|
265511
|
6.1 |
MEDIUM
Network
|
ibm
|
web_content_manager_production_analytics
websphere_portal
|
Exphox WebRadar is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to…
|
CWE-79
Cross-site Scripting
|
CVE-2016-8922
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265512
|
8.8 |
HIGH
Network
|
ibm
|
filenet_workplace_xt
|
IBM FileNet WorkPlace XT could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2016-8921
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265513
|
5.4 |
MEDIUM
Network
|
ibm
|
kenexa_lms_on_cloud
|
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended funct…
|
CWE-79
Cross-site Scripting
|
CVE-2016-8920
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265514
|
5.9 |
MEDIUM
Network
|
ibm
|
integration_bus
|
IBM Integration Bus, under non default configurations, could allow a remote user to authenticate without providing valid credentials.
|
CWE-255
Credentials Management
|
CVE-2016-8918
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265515
|
6.5 |
MEDIUM
Network
|
ibm
|
kenexa_lms_on_cloud
|
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequenc…
|
CWE-22
Path Traversal
|
CVE-2016-8913
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265516
|
4.3 |
MEDIUM
Network
|
ibm
|
kenexa_lms_on_cloud
|
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 stores potentially sensitive information in in log files that could be read by an authenticated user.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2016-8912
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265517
|
5.4 |
MEDIUM
Network
|
ibm
|
kenexa_lms_on_cloud
|
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could…
|
CWE-254
7PK - Security Features
|
CVE-2016-8911
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265518
|
8.6 |
HIGH
Network
|
cisco
|
asa_cx_context-aware_security_software
|
A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX m…
|
CWE-399
Resource Management Errors
|
CVE-2016-9225
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265519
|
5.4 |
MEDIUM
Network
|
tenable
|
nessus
|
Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to handling of .nessus files.
|
CWE-79
Cross-site Scripting
|
CVE-2016-9260
|
2024-11-21 12:00 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265520
|
5.5 |
MEDIUM
Local
|
joyent
|
smartos
|
An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES. An at…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-9039
|
2024-11-21 12:00 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
