|
269091
|
2.7 |
LOW
Network
|
ibm
|
forms_experience_builder
|
XML external entity (XXE) vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112…
|
CWE-611
XXE
|
CVE-2016-0369
|
2024-11-21 11:41 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269092
|
4.3 |
MEDIUM
Network
|
ibm
|
security_identity_manager_virtual_appliance
|
IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 allows remote authenticated users to obtain sensitive information by reading an error message. IBM X-Force ID: 1120…
|
CWE-200
Information Exposure
|
CVE-2016-0367
|
2024-11-21 11:41 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269093
|
3.7 |
LOW
Network
|
ibm
|
security_privileged_identity_manager
|
IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 might allow remote attackers to obtain sensitive information by leveraging weak encryption. IBM X-Force ID: 112071.
|
CWE-200
Information Exposure
|
CVE-2016-0366
|
2024-11-21 11:41 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269094
|
3.7 |
LOW
Network
|
ibm
|
security_identity_manager_virtual_appliance
|
IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 does not set the secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers…
|
CWE-200
Information Exposure
|
CVE-2016-0351
|
2024-11-21 11:41 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269095
|
8.0 |
HIGH
Network
|
ibm
|
tririga_application_platform
|
Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3, 3.3.1, 3.3.2, and 3.4 allows remote attackers to hijack the authentication of arbitrary users for requests tha…
|
CWE-352
Origin Validation Error
|
CVE-2016-0348
|
2024-11-21 11:41 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269096
|
4.3 |
MEDIUM
Network
|
ibm
|
tririga_application_platform
|
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain the installation path via vectors involving Birt report ren…
|
CWE-200
Information Exposure
|
CVE-2016-0345
|
2024-11-21 11:41 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269097
|
5.4 |
MEDIUM
Network
|
ibm
|
tririga_application_platform
|
Cross-site scripting (XSS) vulnerability in the My Reports component in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to inje…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0344
|
2024-11-21 11:41 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269098
|
4.3 |
MEDIUM
Network
|
ibm
|
tririga_application_platform
|
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain sensitive information by reading an error message. IBM X-Fo…
|
CWE-200
Information Exposure
|
CVE-2016-0343
|
2024-11-21 11:41 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269099
|
5.4 |
MEDIUM
Network
|
ibm
|
tririga_application_platform
|
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to read or modify arbitrary reports by leveraging an incorrect grant …
|
CWE-284
Improper Access Control
|
CVE-2016-0342
|
2024-11-21 11:41 |
2018-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269100
|
5.4 |
MEDIUM
Network
|
ibm
|
emptoris_sourcing
|
Open redirect vulnerability in IBM Emptoris Sourcing 10.0.0.x before 10.0.0.1_iFix3, 10.0.1.x before 10.0.1.3_iFix3, 10.0.2.x before 10.0.2.8_iFix1, 10.0.4.0 before 10.0.4.0_iFix8, and 10.1.0.0 befor…
|
CWE-601
Open Redirect
|
CVE-2016-0329
|
2024-11-21 11:41 |
2018-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
