|
249961
|
5.4 |
MEDIUM
Network
|
ibm
|
business_process_manager
|
IBM Business Process Manager 8.5.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pot…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1424
|
2024-11-21 12:21 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249962
|
7.8 |
HIGH
Local
|
ibm
|
security_identity_manager
|
IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 126801.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2017-1362
|
2024-11-21 12:21 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249963
|
2.5 |
LOW
Local
|
ibm
|
business_process_manager
|
IBM Business Process Manager 7.5, 8.0, and 8.5 temporarily stores files in a temporary folder during offline installs which could be read by a local user within a short timespan. IBM X-Force ID: 1264…
|
CWE-200
CWE-362
Information Exposure
Race Condition
|
CVE-2017-1346
|
2024-11-21 12:21 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249964
|
6.5 |
MEDIUM
Network
|
ibm
|
websphere_mq
|
IBM WebSphere MQ 8.0 could allow an authenticated user to cause a premature termination of a client application thread which could potentially cause denial of service. IBM X-Force ID: 123914.
|
NVD-CWE-noinfo
|
CVE-2017-1235
|
2024-11-21 12:21 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249965
|
5.3 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information.
|
CWE-200
Information Exposure
|
CVE-2017-1490
|
2024-11-21 12:21 |
2017-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249966
|
6.7 |
MEDIUM
Local
|
ibm
|
informix_dynamic_server
|
IBM Informix Dynamic Server 12.1 could allow a local user logged in with database administrator user to gain root privileges. IBM X-Force ID: 129620.
|
NVD-CWE-noinfo
|
CVE-2017-1508
|
2024-11-21 12:21 |
2017-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249967
|
7.8 |
HIGH
Local
|
ibm
|
db2
db2_connect
|
IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180.
|
NVD-CWE-noinfo
|
CVE-2017-1452
|
2024-11-21 12:21 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249968
|
7.8 |
HIGH
Local
|
ibm
|
db2
db2_connect
|
IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128178.
|
NVD-CWE-noinfo
|
CVE-2017-1451
|
2024-11-21 12:21 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249969
|
6.7 |
MEDIUM
Local
|
ibm
|
db2
db2_connect
|
IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128058.
|
NVD-CWE-noinfo
|
CVE-2017-1439
|
2024-11-21 12:21 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249970
|
6.7 |
MEDIUM
Local
|
ibm
|
db2
db2_connect
|
IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128057.
|
NVD-CWE-noinfo
|
CVE-2017-1438
|
2024-11-21 12:21 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
