|
264881
|
8.8 |
HIGH
Network
|
ibm
|
marketing_platform
marketing_operations
distributed_marketing
|
IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. I…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6112
|
2024-11-21 11:55 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264882
|
2.7 |
LOW
Network
|
ibm
|
distributed_marketing
|
IBM Distributed Marketing 8.6, 9.0, and 10.0 could allow a privileged authenticated user to create an instance that gets created with security profile not valid for the templates, that results in the…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5979
|
2024-11-21 11:55 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264883
|
4.8 |
MEDIUM
Network
|
ibm
|
rational_team_concert
rational_quality_manager
|
IBM Rational Team Concert (RTC) is vulnerable to HTML injection. A remote attacker with project administrator privileges could send a project that contains malicious HTML code, which when the project…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6037
|
2024-11-21 11:55 |
2017-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264884
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_team_concert
rational_quality_manager
|
IBM Rational Quality Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6035
|
2024-11-21 11:55 |
2017-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264885
|
8.8 |
HIGH
Network
|
ibm
|
interact
|
IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website t…
|
CWE-352
Origin Validation Error
|
CVE-2016-5889
|
2024-11-21 11:55 |
2017-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264886
|
5.4 |
MEDIUM
Network
|
ibm
|
interact
|
IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality p…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5888
|
2024-11-21 11:55 |
2017-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264887
|
4.9 |
MEDIUM
Network
|
advantech
|
webaccess
|
upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators to obtain sensitive password information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-5810
|
2024-11-21 11:55 |
2017-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264888
|
8.6 |
HIGH
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a de…
|
CWE-399
Resource Management Errors
|
CVE-2016-6368
|
2024-11-21 11:55 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264889
|
6.1 |
MEDIUM
Network
|
redhat
|
resteasy
|
Cross-site scripting (XSS) vulnerability in the default exception handler in RESTEasy allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-6347
|
2024-11-21 11:55 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264890
|
5.5 |
MEDIUM
Local
|
ovirt
|
ovirt
|
oVirt Engine before 4.0.3 does not include DWH_DB_PASSWORD in the list of keys to hide in log files, which allows local users to obtain sensitive password information by reading engine log files.
|
CWE-200
Information Exposure
|
CVE-2016-6341
|
2024-11-21 11:55 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
