|
249001
|
4.3 |
MEDIUM
Network
|
ibm
|
tririga_application_platform
|
The IBM TRIRIGA Application Platform 3.3, 3,4, and 3,5 contain a vulnerability that could allow an authenticated user to execute Application actions they do not have access to. IBM Reference #: 20010…
|
NVD-CWE-noinfo
|
CVE-2017-1171
|
2024-11-21 12:21 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249002
|
6.5 |
MEDIUM
Network
|
ibm
|
algo_one
|
IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could allow a user to gain access to files in the local environment which should not be viewed by application users. IBM Reference #: …
|
CWE-200
Information Exposure
|
CVE-2017-1154
|
2024-11-21 12:21 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249003
|
8.8 |
HIGH
Network
|
ibm
|
tririga_application_platform
|
IBM TRIRIGA Report Manager 3.2 through 3.5 contains a vulnerability that could allow an authenticated user to execute actions that they do not have access to. IBM Reference #: 1999563.
|
NVD-CWE-noinfo
|
CVE-2017-1153
|
2024-11-21 12:21 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249004
|
5.3 |
MEDIUM
Network
|
ibm
|
kenexa_lcms_premier
|
IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could…
|
CWE-200
Information Exposure
|
CVE-2017-1143
|
2024-11-21 12:21 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249005
|
6.5 |
MEDIUM
Network
|
ibm
|
kenexa_lcms_premier
|
IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By interc…
|
CWE-200
Information Exposure
|
CVE-2017-1142
|
2024-11-21 12:21 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249006
|
6.1 |
MEDIUM
Network
|
ibm
|
websphere_portal
|
IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1120
|
2024-11-21 12:21 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249007
|
4.3 |
MEDIUM
Network
|
ibm
|
algo_one
|
IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could allow a user to gain access to another user's reports using a specially crafted HTTP request. IBM Reference #: 1999754.
|
CWE-200
Information Exposure
|
CVE-2017-1155
|
2024-11-21 12:21 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249008
|
8.1 |
HIGH
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 8.0, 8.5, 8.5.5, and 9.0 using OpenID Connect (OIDC) configured with a Trust Association Interceptor (TAI) could allow a user to gain elevated privileges on the syste…
|
NVD-CWE-noinfo
|
CVE-2017-1151
|
2024-11-21 12:21 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249009
|
5.4 |
MEDIUM
Network
|
ibm
|
content_navigator
|
IBM Content Navigator 2.0.3 and 3.0.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1146
|
2024-11-21 12:21 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249010
|
8.6 |
HIGH
Network
|
ibm
|
websphere_mq
|
IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. IBM Reference #:…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2017-1145
|
2024-11-21 12:21 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
