|
250311
|
6.1 |
MEDIUM
Network
|
ibm
|
cognos_analytics
|
IBM Cognos Analytics 11.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnera…
|
CWE-20
Improper Input Validation
|
CVE-2017-1428
|
2024-11-21 12:21 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250312
|
6.1 |
MEDIUM
Network
|
ibm
|
cognos_analytics
|
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially …
|
CWE-79
Cross-site Scripting
|
CVE-2017-1427
|
2024-11-21 12:21 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250313
|
6.1 |
MEDIUM
Network
|
ibm
|
curam_social_program_management
|
IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafte…
|
CWE-601
Open Redirect
|
CVE-2017-1195
|
2024-11-21 12:21 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250314
|
6.1 |
MEDIUM
Network
|
ibm
|
tivoli_access_manager_for_e-business
security_access_manager_for_web_software
security_access_manager_for_web_appliance
security_access_manager_for_web
security_access_manager_for_mobile<…
|
IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an…
|
CWE-601
Open Redirect
|
CVE-2017-1489
|
2024-11-21 12:21 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250315
|
9.8 |
CRITICAL
Network
|
ibm
|
operations_analytics_predictive_insights
|
A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges. IBM X-Force ID: 126873.
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2017-1376
|
2024-11-21 12:21 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250316
|
6.5 |
MEDIUM
Network
|
ibm
|
curam_social_program_management
|
IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 contains an unspecified vulnerability that could allow an authenticated user to view the incidents of a higher privileged user. IBM X-Force …
|
CWE-200
Information Exposure
|
CVE-2017-1110
|
2024-11-21 12:21 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250317
|
3.3 |
LOW
Local
|
ibm
|
maas360_dtm
|
IBM MaaS360 DTM all versions up to 3.81 does not perform proper verification for user rights of certain applications which could disclose sensitive information. IBM X-Force ID: 127412.
|
CWE-200
Information Exposure
|
CVE-2017-1422
|
2024-11-21 12:21 |
2017-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250318
|
5.9 |
MEDIUM
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 8.0, 8.5, and 9.0 could provide weaker than expected security after using the Admin Console to update the web services security bindings settings. IBM X-Force ID: 129…
|
CWE-200
Information Exposure
|
CVE-2017-1501
|
2024-11-21 12:21 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250319
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_doors_next_generation
rational_requirements_composer
|
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intende…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1338
|
2024-11-21 12:21 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250320
|
7.8 |
HIGH
Local
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories. IBM X-Force ID: 128468.
|
CWE-94
Code Injection
|
CVE-2017-1469
|
2024-11-21 12:21 |
2017-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
