|
248991
|
4.3 |
MEDIUM
Network
|
ibm
|
insights_foundation_for_energy
|
IBM Insights Foundation for Energy 1.0, 1.5, and 1.6 could allow an authenticated user to obtain sensitive information from error messages. IBM X-Force ID: 121907.
|
CWE-200
Information Exposure
|
CVE-2017-1141
|
2024-11-21 12:21 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248992
|
5.3 |
MEDIUM
Local
|
ibm
|
websphere_commerce
|
IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 8.0 could allow a local user to hijack a user's session. IBM X-Force ID: 123230.
|
NVD-CWE-noinfo
|
CVE-2017-1170
|
2024-11-21 12:21 |
2017-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248993
|
8.8 |
HIGH
Network
|
ibm
|
domino
|
IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in the IMAP service that could allow an authenticated attacker to execute arbitrary code by specifying a large mailbox name. IBM X-Fo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1274
|
2024-11-21 12:21 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248994
|
8.1 |
HIGH
Network
|
ibm
|
urbancode_deploy
|
IBM UrbanCode Deploy (UCD) 6.0, 6.1, and 6.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit thi…
|
CWE-611
XXE
|
CVE-2017-1149
|
2024-11-21 12:21 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248995
|
7.4 |
HIGH
Local
|
ibm
|
security_guardium
|
IBM Security Guardium 8.2, 9.0, and 10.0 contains a vulnerability that could allow a local attacker with CLI access to inject arbitrary commands which would be executed as root. IBM X-Force ID: 12117…
|
NVD-CWE-noinfo
|
CVE-2017-1122
|
2024-11-21 12:21 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248996
|
7.3 |
HIGH
Network
|
ibm
|
api_connect
|
IBM API Connect 5.0.6.0 could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of URLs for the Developer Portal. By crafting a malicious URL, an atta…
|
CWE-20
Improper Input Validation
|
CVE-2017-1161
|
2024-11-21 12:21 |
2017-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248997
|
5.4 |
MEDIUM
Network
|
ibm
|
financial_transaction_manager
|
IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI t…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1160
|
2024-11-21 12:21 |
2017-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248998
|
8.8 |
HIGH
Local
|
ibm
|
spectrum_lsf
|
IBM Platform LSF 10.1 contains an unspecified vulnerability that could allow a local user to escalate their privileges and obtain root access. IBM X-Force ID: 123741.
|
NVD-CWE-noinfo
|
CVE-2017-1205
|
2024-11-21 12:21 |
2017-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248999
|
4.3 |
MEDIUM
Network
|
ibm
|
financial_transaction_manager
|
IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with each request, which could allow a user to obtain the ID in further attacks against the system. IBM X-Forc…
|
CWE-384
Session Fixation
|
CVE-2017-1152
|
2024-11-21 12:21 |
2017-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249000
|
5.3 |
MEDIUM
Network
|
ibm
|
tririga_application_platform
|
The IBM TRIRIGA Document Manager contains a vulnerability that could allow an authenticated user to execute actions they did not have access to. IBM Reference #: 2001084.
|
NVD-CWE-noinfo
|
CVE-2017-1180
|
2024-11-21 12:21 |
2017-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
