|
269121
|
5.4 |
MEDIUM
Network
|
ibm
|
marketing_platform
|
IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to red…
|
CWE-601
Open Redirect
|
CVE-2016-0228
|
2024-11-21 11:41 |
2017-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269122
|
9.8 |
CRITICAL
Network
|
ibm
|
websphere_mq_jms
|
IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2016-0360
|
2024-11-21 11:41 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269123
|
5.4 |
MEDIUM
Network
|
ibm
|
connections
|
IBM Connections 5.5 and earlier is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain.
|
CWE-79
Cross-site Scripting
|
CVE-2016-0310
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269124
|
4.3 |
MEDIUM
Network
|
ibm
|
connections
|
IBM Connections 5.5 and earlier is vulnerable to possible link manipulation attack that could result in the display of inappropriate background images.
|
CWE-284
Improper Access Control
|
CVE-2016-0308
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269125
|
4.3 |
MEDIUM
Network
|
ibm
|
connections
|
IBM Connections 5.5 and earlier allows remote attackers to obtain sensitive information by reading stack traces in returned responses.
|
CWE-200
Information Exposure
|
CVE-2016-0307
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269126
|
5.4 |
MEDIUM
Network
|
ibm
|
connections
|
IBM Connections is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execut…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0305
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269127
|
7.8 |
HIGH
Local
|
ibm
|
bigfix_platform
|
IBM Tivoli Endpoint Manager could allow a remote attacker to upload arbitrary files. A remote attacker could exploit this vulnerability to upload a malicious file. The only way that file would be exe…
|
CWE-284
Improper Access Control
|
CVE-2016-0214
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269128
|
5.3 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. By allowing HTTP OPTIONS method, a remote attacker could send a specially-crafted query to …
|
CWE-200
Information Exposure
|
CVE-2016-0210
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269129
|
3.3 |
LOW
Local
|
ibm
|
cloud_orchestrator
|
IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow down for a short period of time by using a specially crafted and malformed URL.
|
CWE-20
Improper Input Validation
|
CVE-2016-0206
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269130
|
5.5 |
MEDIUM
Local
|
ibm
|
cloud_orchestrator
smartcloud_orchestrator
|
A vulnerability has been identified in the IBM Cloud Orchestrator task API. The task API might allow an authenticated user to view background information associated with actions performed on virtual …
|
CWE-200
Information Exposure
|
CVE-2016-0203
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
