|
272101
|
6.8 |
MEDIUM
Network
|
ibm
|
rational_quality_manager
rational_rhapsody_design_manager
rational_requirements_composer
rational_engineering_lifecycle_manager
rational_doors_next_generation
rational_collaborative_li…
|
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (R…
|
CWE-20
Improper Input Validation
|
CVE-2015-1928
|
2024-11-21 11:26 |
2016-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272102
|
7.4 |
HIGH
Local
|
ibm
|
infosphere_biginsights
|
Untrusted search path vulnerability in IBM InfoSphere BigInsights 3.0, 3.0.0.1, 3.0.0.2, and 4.0, when a DB2 database is used, allows local users to gain privileges via a Trojan horse library that is…
|
NVD-CWE-Other
|
CVE-2015-1947
|
2024-11-21 11:26 |
2016-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272103
|
7.3 |
HIGH
Network
|
ibm
apache
|
infosphere_biginsights
hbase
|
Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper c…
|
CWE-284
Improper Access Control
|
CVE-2015-1836
|
2024-11-21 11:26 |
2015-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272104
|
7.3 |
HIGH
Network
|
ibm
apache
|
infosphere_biginsights
hive
|
The LDAP implementation in HiveServer2 in Apache Hive before 1.0.1 and 1.1.x before 1.1.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, mishandles simple unauth…
|
CWE-287
Improper Authentication
|
CVE-2015-1772
|
2024-11-21 11:26 |
2015-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272105
|
- |
|
openssl
|
openssl
|
The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 before 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-He…
|
CWE-189
Numeric Errors
|
CVE-2015-1794
|
2024-11-21 11:26 |
2015-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272106
|
- |
|
ibm
|
websphere_application_server
|
CRLF injection vulnerability in IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.47, 7.0 before 7.0.0.39, 8.0 before 8.0.0.12, and 8.5 before 8.5.5.8 allows remote attackers to inject arbitra…
|
NVD-CWE-Other
|
CVE-2015-2017
|
2024-11-21 11:26 |
2015-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272107
|
- |
|
ibm
|
security_qradar_incident_forensics
|
IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 places session IDs in https URLs, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs…
|
CWE-200
Information Exposure
|
CVE-2015-1999
|
2024-11-21 11:26 |
2015-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272108
|
- |
|
ibm
|
security_qradar_incident_forensics
|
Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar Vulnerability Manager 7.2.x before 7.2.5 Patch 5 allows remote attackers to hijack the authentication of arbitrary users for req…
|
CWE-352
Origin Validation Error
|
CVE-2015-1997
|
2024-11-21 11:26 |
2015-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272109
|
- |
|
ibm
|
security_qradar_incident_forensics
|
IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information …
|
CWE-200
Information Exposure
|
CVE-2015-1996
|
2024-11-21 11:26 |
2015-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272110
|
- |
|
ibm
|
security_qradar_incident_forensics
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allow remote attackers to inject arbitrary web script or HTML via a crafted UR…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1995
|
2024-11-21 11:26 |
2015-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
