|
270121
|
6.1 |
MEDIUM
Network
|
ibm
|
websphere_application_server
|
CRLF injection vulnerability in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 Full before 8.5.5.10, and 8.5 Liberty before Liberty Fix Pack 16.0.0.2 allows remo…
|
NVD-CWE-Other
|
CVE-2016-0359
|
2024-11-21 11:41 |
2016-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270122
|
5.4 |
MEDIUM
Network
|
ibm
|
cognos_business_intelligence
|
Cross-site scripting (XSS) vulnerability in IBM Cognos Business Intelligence 10.2 before IF20, 10.2.1 before IF17, 10.2.1.1 before IF16, 10.2.2 before IF12, and 10.1.1 before IF19 allows remote authe…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0346
|
2024-11-21 11:41 |
2016-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270123
|
5.4 |
MEDIUM
Network
|
ibm
|
cognos_business_intelligence
|
Cross-site scripting (XSS) vulnerability in IBM Cognos TM1, as used in IBM Cognos Business Intelligence 10.2 before IF20, 10.2.1 before IF17, 10.2.1.1 before IF16, 10.2.2 before IF12, and 10.1.1 befo…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0221
|
2024-11-21 11:41 |
2016-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270124
|
6.1 |
MEDIUM
Network
|
ibm
|
websphere_extreme_scale
|
CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 allows remote attackers to inject arbitrary HTTP hea…
|
NVD-CWE-Other
|
CVE-2016-0400
|
2024-11-21 11:41 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270125
|
5.4 |
MEDIUM
Network
|
ibm
|
maximo_asset_management
|
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5 before 7.5.0.9 IFIX007, and 7.6 before 7.6.0.5 FP005 allows remote authenticated users to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0399
|
2024-11-21 11:41 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270126
|
4.3 |
MEDIUM
Network
|
ibm
|
cognos_analytics
|
IBM Cognos Analytics (CA) 11.0 before 11.0.2 allows remote attackers to conduct content-spoofing attacks via a crafted URL.
|
CWE-20
Improper Input Validation
|
CVE-2016-0398
|
2024-11-21 11:41 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270127
|
9.8 |
CRITICAL
Network
|
ibm
|
watson_developer_cloud
|
The IBM Watson Developer Cloud services on Bluemix platforms do not properly generate random numbers for service-instance credentials, which makes it easier for remote attackers to defeat cryptograph…
|
CWE-284
Improper Access Control
|
CVE-2016-0391
|
2024-11-21 11:41 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270128
|
5.4 |
MEDIUM
Network
|
ibm
|
tririga_application_platform
|
Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0387
|
2024-11-21 11:41 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270129
|
8.0 |
HIGH
Network
|
ibm
|
tririga_application_platform
|
Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to hijack the auth…
|
CWE-352
Origin Validation Error
|
CVE-2016-0386
|
2024-11-21 11:41 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270130
|
8.8 |
HIGH
Network
|
ibm
|
messagesight
|
JMS Client in IBM MessageSight 1.1.x through 1.1.0.1, 1.2.x through 1.2.0.3, and 2.0.x through 2.0.0.0 allows remote authenticated users to obtain administrator privileges for executing arbitrary com…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-0375
|
2024-11-21 11:41 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
