|
266171
|
3.7 |
LOW
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. This could allow an attacker to obtain sensitive information using man in the mi…
|
CWE-200
Information Exposure
|
CVE-2016-0238
|
2024-11-21 11:41 |
2017-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266172
|
6.5 |
MEDIUM
Network
|
ibm
|
cognos_business_intelligence
|
IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote authenticated attacker c…
|
CWE-611
XXE
|
CVE-2016-0254
|
2024-11-21 11:41 |
2017-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266173
|
6.1 |
MEDIUM
Network
|
ibm
|
marketing_platform
|
IBM Marketing Platform 9.1 and 10.0 is vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject ma…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0255
|
2024-11-21 11:41 |
2017-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266174
|
4.0 |
MEDIUM
Local
|
ibm
|
tealeaf_consumer_experience
|
The IBM Tealeaf Consumer Experience 8.7, 8.8, and 9.0 portal exposes some of its operational state in a form that may be accidentally captured and exposed by network infrastructure components such as…
|
CWE-200
Information Exposure
|
CVE-2016-0382
|
2024-11-21 11:41 |
2017-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266175
|
5.4 |
MEDIUM
Network
|
ibm
|
marketing_platform
|
IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to red…
|
CWE-601
Open Redirect
|
CVE-2016-0228
|
2024-11-21 11:41 |
2017-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266176
|
9.8 |
CRITICAL
Network
|
ibm
|
websphere_mq_jms
|
IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2016-0360
|
2024-11-21 11:41 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266177
|
5.4 |
MEDIUM
Network
|
ibm
|
connections
|
IBM Connections 5.5 and earlier is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain.
|
CWE-79
Cross-site Scripting
|
CVE-2016-0310
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266178
|
4.3 |
MEDIUM
Network
|
ibm
|
connections
|
IBM Connections 5.5 and earlier is vulnerable to possible link manipulation attack that could result in the display of inappropriate background images.
|
CWE-284
Improper Access Control
|
CVE-2016-0308
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266179
|
4.3 |
MEDIUM
Network
|
ibm
|
connections
|
IBM Connections 5.5 and earlier allows remote attackers to obtain sensitive information by reading stack traces in returned responses.
|
CWE-200
Information Exposure
|
CVE-2016-0307
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266180
|
5.4 |
MEDIUM
Network
|
ibm
|
connections
|
IBM Connections is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execut…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0305
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
