|
275081
|
3.3 |
LOW
Local
|
ibm
|
cloud_orchestrator
|
IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow down for a short period of time by using a specially crafted and malformed URL.
|
CWE-20
Improper Input Validation
|
CVE-2016-0206
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275082
|
5.5 |
MEDIUM
Local
|
ibm
|
cloud_orchestrator
smartcloud_orchestrator
|
A vulnerability has been identified in the IBM Cloud Orchestrator task API. The task API might allow an authenticated user to view background information associated with actions performed on virtual …
|
CWE-200
Information Exposure
|
CVE-2016-0203
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275083
|
3.3 |
LOW
Local
|
ibm
|
cloud_orchestrator
|
A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view…
|
CWE-200
Information Exposure
|
CVE-2016-0202
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275084
|
5.9 |
MEDIUM
Network
|
ibm
|
notes
domino
client_application_access
|
IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1, when using TLS and AES GCM, uses random nonce generation, which makes it easier for remote attackers to obtain the au…
|
CWE-200
Information Exposure
|
CVE-2016-0270
|
2024-11-21 11:41 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275085
|
4.3 |
MEDIUM
Network
|
ibm
|
urbancode_deploy
|
IBM UrbanCode Deploy could allow an authenticated user to modify Ucd objects due to multiple REST endpoints not properly authorizing users editing UCD objects. This could affect the behavior of legit…
|
CWE-284
Improper Access Control
|
CVE-2016-0320
|
2024-11-21 11:41 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275086
|
5.4 |
MEDIUM
Network
|
ibm
|
cognos_business_intelligence
|
IBM Cognos Business Intelligence and IBM Cognos Analytics are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerabi…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0218
|
2024-11-21 11:41 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275087
|
5.4 |
MEDIUM
Network
|
ibm
|
cognos_analytics
|
IBM Cognos Business Intelligence and IBM Cognos Analytics are vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vul…
|
CWE-79
Cross-site Scripting
|
CVE-2016-0217
|
2024-11-21 11:41 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275088
|
5.5 |
MEDIUM
Local
|
ibm
|
tivoli_storage_manager
|
The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled.
|
NVD-CWE-noinfo
|
CVE-2016-0371
|
2024-11-21 11:41 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275089
|
8.1 |
HIGH
Network
|
ibm
|
bigfix_platform
|
IBM Tivoli Endpoint Manager could allow a user under special circumstances to inject commands that would be executed with unnecessary higher privileges than expected.
|
CWE-77
Command Injection
|
CVE-2016-0396
|
2024-11-21 11:41 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275090
|
3.3 |
LOW
Local
|
ibm
|
websphere_message_broker
integration_bus
|
IBM Integration Bus and WebSphere Message broker sets incorrect permissions for an object that could allow a local attacker to manipulate certain files.
|
CWE-275
Permission Issues
|
CVE-2016-0394
|
2024-11-21 11:41 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
