|
266801
|
4.3 |
MEDIUM
Network
|
ibm
|
cognos_analytics
|
IBM Cognos Analytics (CA) 11.0 before 11.0.2 allows remote attackers to conduct content-spoofing attacks via a crafted URL.
|
CWE-20
Improper Input Validation
|
CVE-2016-0398
|
2024-11-21 11:41 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266802
|
9.8 |
CRITICAL
Network
|
ibm
|
watson_developer_cloud
|
The IBM Watson Developer Cloud services on Bluemix platforms do not properly generate random numbers for service-instance credentials, which makes it easier for remote attackers to defeat cryptograph…
|
CWE-284
Improper Access Control
|
CVE-2016-0391
|
2024-11-21 11:41 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266803
|
5.4 |
MEDIUM
Network
|
ibm
|
tririga_application_platform
|
Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0387
|
2024-11-21 11:41 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266804
|
8.0 |
HIGH
Network
|
ibm
|
tririga_application_platform
|
Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to hijack the auth…
|
CWE-352
Origin Validation Error
|
CVE-2016-0386
|
2024-11-21 11:41 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266805
|
8.8 |
HIGH
Network
|
ibm
|
messagesight
|
JMS Client in IBM MessageSight 1.1.x through 1.1.0.1, 1.2.x through 1.2.0.3, and 2.0.x through 2.0.0.0 allows remote authenticated users to obtain administrator privileges for executing arbitrary com…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-0375
|
2024-11-21 11:41 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266806
|
8.8 |
HIGH
Network
|
ibm
|
tririga_application_platform
|
The builder tools in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allow remote authenticated users to gain privileges for application modification v…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-0374
|
2024-11-21 11:41 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266807
|
5.9 |
MEDIUM
Network
|
ibm
|
urbancode_deploy
|
IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1, when agent-relay Codestation artifact caching is enabled, allows remote attackers to bypass authentication …
|
CWE-200
Information Exposure
|
CVE-2016-0365
|
2024-11-21 11:41 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266808
|
4.3 |
MEDIUM
Network
|
ibm
|
urbancode_deploy
|
IBM UrbanCode Deploy 6.0.x before 6.0.1.13, 6.1.x before 6.1.3.3, and 6.2.x before 6.2.1.1 does not properly implement a logging-obfuscation feature for secure properties, which allows remote authent…
|
CWE-200
Information Exposure
|
CVE-2016-0364
|
2024-11-21 11:41 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266809
|
7.7 |
HIGH
Network
|
ibm
|
tririga_application_platform
|
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger ne…
|
NVD-CWE-Other
|
CVE-2016-0362
|
2024-11-21 11:41 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266810
|
6.5 |
MEDIUM
Network
|
ibm
|
business_process_manager
|
IBM Business Process Manager 8.5.6 through 8.5.6.2 and 8.5.7 before 8.5.7.CF201606 allows remote authenticated users to bypass intended access restrictions and update process-instance variables via a…
|
CWE-284
Improper Access Control
|
CVE-2016-0349
|
2024-11-21 11:41 |
2016-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
