|
264581
|
5.5 |
MEDIUM
Local
|
ibm
|
license_metric_tool
bigfix_inventory
|
IBM BigFix Inventory v9 allows web pages to be stored locally which can be read by another user on the system.
|
CWE-200
Information Exposure
|
CVE-2016-8981
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264582
|
8.1 |
HIGH
Network
|
ibm
|
license_metric_tool
bigfix_inventory
|
IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to ex…
|
CWE-611
XXE
|
CVE-2016-8980
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264583
|
5.9 |
MEDIUM
Network
|
ibm
|
license_metric_tool
bigfix_inventory
|
IBM BigFix Inventory v9 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerab…
|
CWE-200
Information Exposure
|
CVE-2016-8966
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264584
|
6.1 |
MEDIUM
Network
|
ibm
|
license_metric_tool
bigfix_inventory
|
IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could…
|
CWE-601
Open Redirect
|
CVE-2016-8961
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264585
|
5.4 |
MEDIUM
Network
|
ibm
|
spectrum_control
tivoli_storage_productivity_center
|
IBM Tivoli Storage Productivity Center is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality…
|
CWE-79
Cross-site Scripting
|
CVE-2016-8943
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264586
|
3.1 |
LOW
Network
|
ibm
|
spectrum_control
tivoli_storage_productivity_center
|
IBM Tivoli Storage Productivity Center could allow an authenticated user with intimate knowledge of the system to edit a limited set of properties on the server.
|
CWE-284
Improper Access Control
|
CVE-2016-8942
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264587
|
8.8 |
HIGH
Network
|
ibm
|
spectrum_control
tivoli_storage_productivity_center
|
IBM Tivoli Storage Productivity Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website…
|
CWE-352
Origin Validation Error
|
CVE-2016-8941
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264588
|
6.1 |
MEDIUM
Network
|
ibm
|
social_rendering_templates_for_digital_data_connector
|
IBM Social Rendering Templates for Digital Data Connector is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the int…
|
CWE-79
Cross-site Scripting
|
CVE-2016-8936
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264589
|
5.4 |
MEDIUM
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten…
|
CWE-79
Cross-site Scripting
|
CVE-2016-8934
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264590
|
6.1 |
MEDIUM
Network
|
ibm
|
web_content_manager_production_analytics
websphere_portal
|
Exphox WebRadar is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to…
|
CWE-79
Cross-site Scripting
|
CVE-2016-8922
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
