|
248781
|
5.4 |
MEDIUM
Network
|
ibm
|
qradar_security_information_and_event_manager
|
IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lea…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1234
|
2024-11-21 12:21 |
2017-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248782
|
7.1 |
HIGH
Local
|
ibm
|
data_server_client
data_server_driver_for_odbc_and_cli
data_server_driver_package
data_server_runtime_client
db2
db2_connect
|
IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1105
|
2024-11-21 12:21 |
2017-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248783
|
5.5 |
MEDIUM
Local
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 5.2 stores potentially sensitive information from HTTP sessions that could be read by a local user. IBM X-Force ID: 126525.
|
CWE-200
Information Exposure
|
CVE-2017-1349
|
2024-11-21 12:21 |
2017-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248784
|
5.4 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fun…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1348
|
2024-11-21 12:21 |
2017-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248785
|
8.8 |
HIGH
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or …
|
CWE-89
SQL Injection
|
CVE-2017-1347
|
2024-11-21 12:21 |
2017-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248786
|
5.5 |
MEDIUM
Local
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 5.2 could allow a local user view sensitive information due to improper access controls. IBM X-Force ID: 125456.
|
CWE-200
Information Exposure
|
CVE-2017-1302
|
2024-11-21 12:21 |
2017-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248787
|
6.5 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 5.2 could allow user to obtain sensitive information using an HTTP GET request. IBM X-Force ID: 123667.
|
CWE-200
Information Exposure
|
CVE-2017-1193
|
2024-11-21 12:21 |
2017-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248788
|
5.4 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fun…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1132
|
2024-11-21 12:21 |
2017-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248789
|
6.5 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information by using unsupported, specially crafted HTTP commands. IBM X-Force ID: 121375.
|
CWE-200
Information Exposure
|
CVE-2017-1131
|
2024-11-21 12:21 |
2017-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248790
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling File Gateway does not properly restrict user requests based on permission level. This allows for users to update data related to other users, by manipulating the parameters passed in the…
|
CWE-269
Improper Privilege Management
|
CVE-2017-1326
|
2024-11-21 12:21 |
2017-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
