|
268501
|
3.1 |
LOW
Network
|
ibm
|
websphere_mq
|
IBM WebSphere MQ 7.5 before 7.5.0.7 and 8.0 before 8.0.0.5 mishandles protocol flows, which allows remote authenticated users to cause a denial of service (channel outage) by leveraging queue-manager…
|
CWE-19
Data Processing Errors
|
CVE-2016-0379
|
2024-11-21 11:41 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268502
|
3.7 |
LOW
Network
|
ibm
|
security_guardium
|
IBM Security Guardium 9.0 before p700 and 10.0 before p100 allows man-in-the-middle attackers to obtain sensitive query-string information from SSL sessions via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-0248
|
2024-11-21 11:41 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268503
|
6.5 |
MEDIUM
Network
|
microsoft
|
office
|
The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 export a certificate-store private key during a document-save operation, which allows attackers to obtain sensitive …
|
CWE-200
Information Exposure
|
CVE-2016-0141
|
2024-11-21 11:41 |
2016-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268504
|
4.3 |
MEDIUM
Network
|
microsoft
|
exchange_server
|
Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 misparses e-mail messages, which a…
|
CWE-200
Information Exposure
|
CVE-2016-0138
|
2024-11-21 11:41 |
2016-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268505
|
3.3 |
LOW
Local
|
microsoft
|
office
|
The Click-to-Run (C2R) implementation in Microsoft Office 2013 SP1 and 2016 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Microsoft APP-V ASLR Bypass."
|
CWE-254
7PK - Security Features
|
CVE-2016-0137
|
2024-11-21 11:41 |
2016-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268506
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_team_concert
rational_collaborative_lifecycle_management
|
Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 6.0.1 and 6.0.2 before 6.0.2 iFix2 and Rational Collaborative Lifecycle Management 6.0.1 and 6.0.2 before 6.0.2 iFix2 allows remo…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0331
|
2024-11-21 11:41 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268507
|
3.1 |
LOW
Network
|
ibm
|
websphere_application_server
|
Buffer overflow in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.10, 9.0 before 9.0.0.1, and Liberty before 16.0.0.3, when HttpSessionIdReuse is en…
|
CWE-119
CWE-200
Incorrect Access of Indexable Resource ('Range Error')
Information Exposure
|
CVE-2016-0385
|
2024-11-21 11:41 |
2016-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268508
|
2.7 |
LOW
Network
|
ibm
|
forms_experience_builder
|
Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an …
|
CWE-79
Cross-site Scripting
|
CVE-2016-0370
|
2024-11-21 11:41 |
2016-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268509
|
6.1 |
MEDIUM
Network
|
ibm
|
bigfix_platform
|
Cross-site scripting (XSS) vulnerability in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.1.8 and 9.2.x before 9.2.8 allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0293
|
2024-11-21 11:41 |
2016-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268510
|
5.9 |
MEDIUM
Network
|
ibm
|
bigfix_webreports
|
WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic.
|
CWE-200
Information Exposure
|
CVE-2016-0397
|
2024-11-21 11:41 |
2016-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
