|
266711
|
6.1 |
MEDIUM
Network
|
ibm
|
marketing_platform
|
IBM Marketing Platform 9.1 and 10.0 is vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject ma…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0255
|
2024-11-21 11:41 |
2017-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266712
|
4.0 |
MEDIUM
Local
|
ibm
|
tealeaf_consumer_experience
|
The IBM Tealeaf Consumer Experience 8.7, 8.8, and 9.0 portal exposes some of its operational state in a form that may be accidentally captured and exposed by network infrastructure components such as…
|
CWE-200
Information Exposure
|
CVE-2016-0382
|
2024-11-21 11:41 |
2017-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266713
|
5.4 |
MEDIUM
Network
|
ibm
|
marketing_platform
|
IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to red…
|
CWE-601
Open Redirect
|
CVE-2016-0228
|
2024-11-21 11:41 |
2017-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266714
|
9.8 |
CRITICAL
Network
|
ibm
|
websphere_mq_jms
|
IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2016-0360
|
2024-11-21 11:41 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266715
|
5.4 |
MEDIUM
Network
|
ibm
|
connections
|
IBM Connections 5.5 and earlier is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain.
|
CWE-79
Cross-site Scripting
|
CVE-2016-0310
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266716
|
4.3 |
MEDIUM
Network
|
ibm
|
connections
|
IBM Connections 5.5 and earlier is vulnerable to possible link manipulation attack that could result in the display of inappropriate background images.
|
CWE-284
Improper Access Control
|
CVE-2016-0308
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266717
|
4.3 |
MEDIUM
Network
|
ibm
|
connections
|
IBM Connections 5.5 and earlier allows remote attackers to obtain sensitive information by reading stack traces in returned responses.
|
CWE-200
Information Exposure
|
CVE-2016-0307
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266718
|
5.4 |
MEDIUM
Network
|
ibm
|
connections
|
IBM Connections is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execut…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0305
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266719
|
7.8 |
HIGH
Local
|
ibm
|
bigfix_platform
|
IBM Tivoli Endpoint Manager could allow a remote attacker to upload arbitrary files. A remote attacker could exploit this vulnerability to upload a malicious file. The only way that file would be exe…
|
CWE-284
Improper Access Control
|
CVE-2016-0214
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266720
|
5.3 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. By allowing HTTP OPTIONS method, a remote attacker could send a specially-crafted query to …
|
CWE-200
Information Exposure
|
CVE-2016-0210
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
