|
266141
|
5.4 |
MEDIUM
Network
|
ibm
|
financial_transaction_manager
|
Cross-site scripting (XSS) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Chec…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0253
|
2024-11-21 11:41 |
2018-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266142
|
5.3 |
MEDIUM
Network
|
ibm
|
tririga_application_platform
|
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to obtain sensitive information via vectors involving a database query. IBM X-F…
|
CWE-200
Information Exposure
|
CVE-2016-0299
|
2024-11-21 11:41 |
2018-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266143
|
8.8 |
HIGH
Network
|
ibm
|
bigfix_platform
|
Cross-site request forgery (CSRF) vulnerability in the IBM BigFix Platform 9.0, 9.1, 9.2, and 9.5 before 9.5.2 allows remote attackers to hijack the authentication of arbitrary users for requests tha…
|
CWE-352
Origin Validation Error
|
CVE-2016-0295
|
2024-11-21 11:41 |
2018-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266144
|
8.8 |
HIGH
Network
|
ibm
|
bigfix_platform
|
IBM BigFix Platform 9.0, 9.1 before 9.1.8, and 9.2 before 9.2.8 allow remote authenticated users to execute arbitrary commands by leveraging report server access. IBM X-Force ID: 111302.
|
CWE-78
OS Command
|
CVE-2016-0291
|
2024-11-21 11:41 |
2018-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266145
|
2.7 |
LOW
Network
|
ibm
|
forms_experience_builder
|
XML external entity (XXE) vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112…
|
CWE-611
XXE
|
CVE-2016-0369
|
2024-11-21 11:41 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266146
|
4.3 |
MEDIUM
Network
|
ibm
|
security_identity_manager_virtual_appliance
|
IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 allows remote authenticated users to obtain sensitive information by reading an error message. IBM X-Force ID: 1120…
|
CWE-200
Information Exposure
|
CVE-2016-0367
|
2024-11-21 11:41 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266147
|
3.7 |
LOW
Network
|
ibm
|
security_privileged_identity_manager
|
IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 might allow remote attackers to obtain sensitive information by leveraging weak encryption. IBM X-Force ID: 112071.
|
CWE-200
Information Exposure
|
CVE-2016-0366
|
2024-11-21 11:41 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266148
|
3.7 |
LOW
Network
|
ibm
|
security_identity_manager_virtual_appliance
|
IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 does not set the secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers…
|
CWE-200
Information Exposure
|
CVE-2016-0351
|
2024-11-21 11:41 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266149
|
8.0 |
HIGH
Network
|
ibm
|
tririga_application_platform
|
Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3, 3.3.1, 3.3.2, and 3.4 allows remote attackers to hijack the authentication of arbitrary users for requests tha…
|
CWE-352
Origin Validation Error
|
CVE-2016-0348
|
2024-11-21 11:41 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266150
|
4.3 |
MEDIUM
Network
|
ibm
|
tririga_application_platform
|
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain the installation path via vectors involving Birt report ren…
|
CWE-200
Information Exposure
|
CVE-2016-0345
|
2024-11-21 11:41 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
