|
266841
|
8.8 |
HIGH
Network
|
ibm
|
jazz_reporting_service
|
Cross-site request forgery (CSRF) vulnerability in the Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016, 6.0 and 6.0.1 before 6.0.1 ifix…
|
CWE-352
Origin Validation Error
|
CVE-2016-2889
|
2024-11-21 11:49 |
2016-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266842
|
5.4 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
Cross-site scripting (XSS) vulnerability in the Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allows rem…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2888
|
2024-11-21 11:49 |
2016-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266843
|
7.5 |
HIGH
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server (WAS) 8.5 through 8.5.5.9 Liberty before Liberty Fix Pack 16.0.0.2 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified JAX-RS API cookie, whi…
|
CWE-200
Information Exposure
|
CVE-2016-2923
|
2024-11-21 11:49 |
2016-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266844
|
7.5 |
HIGH
Network
|
hp
apache
debian
canonical
|
icewall_sso_agent_option
icewall_identity_manager
tomcat
debian_linux
commons_fileupload
ubuntu_linux
|
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, all…
|
CWE-20
Improper Input Validation
|
CVE-2016-3092
|
2024-11-21 11:49 |
2016-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266845
|
2.5 |
LOW
Local
|
ibm
|
tivoli_storage_manager
|
IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 before 6.3.2.6, 6.4 before 6.4.3.3, and 7.1 before 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary ac…
|
CWE-200
Information Exposure
|
CVE-2016-2894
|
2024-11-21 11:49 |
2016-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266846
|
6.5 |
MEDIUM
Network
|
ibm
|
security_qradar_incident_forensics
|
IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2968
|
2024-11-21 11:49 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266847
|
5.3 |
MEDIUM
Network
|
ibm
|
integration_bus
websphere_message_broker
|
The integration server in IBM Integration Bus 9 before 9.0.0.6 and 10 before 10.0.0.5 and WebSphere Message Broker 8 before 8.0.0.8 allows remote attackers to obtain sensitive Tomcat version informat…
|
CWE-200
Information Exposure
|
CVE-2016-2961
|
2024-11-21 11:49 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266848
|
5.4 |
MEDIUM
Network
|
ibm
|
tririga_application_platform
|
Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2883
|
2024-11-21 11:49 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266849
|
4.3 |
MEDIUM
Network
|
ibm
|
tririga_application_platform
|
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to obtain sensitive information by reading HTTP responses.
|
CWE-200
Information Exposure
|
CVE-2016-2882
|
2024-11-21 11:49 |
2016-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266850
|
6.5 |
MEDIUM
Network
|
bzip
python
|
bzip2
python
|
Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the…
|
NVD-CWE-Other
|
CVE-2016-3189
|
2024-11-21 11:49 |
2016-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
