|
248741
|
5.4 |
MEDIUM
Network
|
ibm
|
tririga_application_platform
|
IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended f…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1372
|
2024-11-21 12:21 |
2017-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248742
|
8.8 |
HIGH
Network
|
ibm
|
tririga_application_platform
|
Builder tools running in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contains a vulnerability that could allow an authenticated user to execute Builder tool actions they do not have access…
|
NVD-CWE-noinfo
|
CVE-2017-1371
|
2024-11-21 12:21 |
2017-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248743
|
7.5 |
HIGH
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 10.0 and 10.1 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code. IBM X-Force ID: 124742.
|
CWE-20
Improper Input Validation
|
CVE-2017-1267
|
2024-11-21 12:21 |
2017-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248744
|
7.8 |
HIGH
Local
|
ibm
|
infosphere_master_data_management_server
|
IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 125463.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2017-1309
|
2024-11-21 12:21 |
2017-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248745
|
7.5 |
HIGH
Network
|
ibm
|
bigfix_platform
|
IBM Tivoli Endpoint Manager uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123903.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2017-1224
|
2024-11-21 12:21 |
2017-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248746
|
6.1 |
MEDIUM
Network
|
ibm
|
bigfix_platform
|
IBM Tivoli Endpoint Manager could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker c…
|
CWE-601
Open Redirect
|
CVE-2017-1223
|
2024-11-21 12:21 |
2017-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248747
|
6.5 |
MEDIUM
Network
|
ibm
|
bigfix_platform
|
IBM Tivoli Endpoint Manager is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information …
|
CWE-611
XXE
|
CVE-2017-1219
|
2024-11-21 12:21 |
2017-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248748
|
8.8 |
HIGH
Network
|
ibm
|
bigfix_platform
|
IBM Tivoli Endpoint Manager is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IB…
|
CWE-352
Origin Validation Error
|
CVE-2017-1218
|
2024-11-21 12:21 |
2017-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248749
|
6.1 |
MEDIUM
Network
|
ibm
|
bigfix_platform
|
IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web …
|
CWE-79
Cross-site Scripting
|
CVE-2017-1203
|
2024-11-21 12:21 |
2017-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248750
|
8.8 |
HIGH
Network
|
ibm
|
mq_appliance
|
IBM MQ Appliance 8.0 and 9.0 could allow an authenticated messaging administrator to execute arbitrary commands on the system, caused by command execution. IBM X-Force ID: 125730.
|
CWE-78
OS Command
|
CVE-2017-1318
|
2024-11-21 12:21 |
2017-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
