|
264871
|
7.5 |
HIGH
Network
|
fedoraproject
elog_project
|
fedora
elog
|
elog 3.1.1 allows remote attackers to post data as any username in the logbook.
|
CWE-284
Improper Access Control
|
CVE-2016-6342
|
2024-11-21 11:55 |
2017-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264872
|
5.3 |
MEDIUM
Network
|
ibm
|
tivoli_monitoring
|
IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. IBM X-Force ID: 117696.
|
CWE-200
Information Exposure
|
CVE-2016-6083
|
2024-11-21 11:55 |
2017-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264873
|
5.5 |
MEDIUM
Local
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 5.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 115336.
|
CWE-200
Information Exposure
|
CVE-2016-5893
|
2024-11-21 11:55 |
2017-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264874
|
8.1 |
HIGH
Network
|
ibm
|
tivoli_key_lifecycle_manager
security_key_lifecycle_manager
|
IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
|
CWE-284
Improper Access Control
|
CVE-2016-6098
|
2024-11-21 11:55 |
2017-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264875
|
9.8 |
CRITICAL
Network
|
ibm
|
tivoli_key_lifecycle_manager
security_key_lifecycle_manager
|
IBM Tivoli Key Lifecycle Manager does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
|
CWE-255
Credentials Management
|
CVE-2016-6093
|
2024-11-21 11:55 |
2017-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264876
|
5.5 |
MEDIUM
Local
|
ibm
|
websphere_mq
|
IBM WebSphere MQ 9.0.0.1 and 9.0.2 could allow a local user to write to a file or delete files in a directory they should not have access to due to improper access controls. IBM X-Force ID: 117926.
|
CWE-284
Improper Access Control
|
CVE-2016-6089
|
2024-11-21 11:55 |
2017-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264877
|
9.8 |
CRITICAL
Network
|
ibm
|
domino
|
IBM Domino 8.5 and 9.0 could allow an attacker to steal credentials using multiple sessions and large amounts of data using Domino TLS Key Exchange validation. IBM X-Force ID: 117918.
|
CWE-20
Improper Input Validation
|
CVE-2016-6087
|
2024-11-21 11:55 |
2017-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264878
|
5.5 |
MEDIUM
Local
|
ibm
|
security_privileged_identity_manager
|
IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 116171.
|
CWE-200
Information Exposure
|
CVE-2016-5960
|
2024-11-21 11:55 |
2017-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264879
|
5.3 |
MEDIUM
Network
|
ibm
|
security_privileged_identity_manager
|
IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via se…
|
CWE-200
Information Exposure
|
CVE-2016-5959
|
2024-11-21 11:55 |
2017-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264880
|
9.6 |
CRITICAL
Network
|
sap
|
business_one
|
SAP Business One for Android 1.2.3 allows remote attackers to conduct XML External Entity (XXE) attacks via crafted XML data in a request to B1iXcellerator/exec/soap/vP.001sap0003.in_WCSX/com.sap.b1i…
|
CWE-611
XXE
|
CVE-2016-6256
|
2024-11-21 11:55 |
2017-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
