|
266121
|
5.4 |
MEDIUM
Network
|
ibm
|
openpages_grc_platform
|
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser with…
|
CWE-79
Cross-site Scripting
|
CVE-2016-3049
|
2024-11-21 11:49 |
2017-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266122
|
9.8 |
CRITICAL
Network
|
apache
|
hadoop
|
The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3 can leak the password for credential store provider used by the NodeManager to YARN Applications.
|
CWE-200
Information Exposure
|
CVE-2016-3086
|
2024-11-21 11:49 |
2017-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266123
|
6.3 |
MEDIUM
Network
|
ibm
|
sametime
|
The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site can inject their own script by exploiting a vulnerability in the way that the WebPlayer works. IBM X-Fo…
|
CWE-74
Injection
|
CVE-2016-2980
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266124
|
3.3 |
LOW
Local
|
ibm
|
sametime
|
IBM Sametime 8.5.2 and 9.0 could store potentially sensitive information from the browser cache locally that could be available to a local user. IBM X-Force ID: 113938.
|
CWE-200
Information Exposure
|
CVE-2016-2978
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266125
|
4.3 |
MEDIUM
Network
|
ibm
|
sametime
|
IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting invitee to obtain previously cleared sensitive information by viewing the meeting report history. IBM X-Force ID: 113936.
|
CWE-200
Information Exposure
|
CVE-2016-2976
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266126
|
5.4 |
MEDIUM
Network
|
ibm
|
sametime
|
IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2975
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266127
|
3.3 |
LOW
Local
|
ibm
|
sametime
|
IBM Sametime Connect 8.5.2 and 9.0, after uninstalling the Sametime Rich Client, could disclose potentially sensitive information related to the Sametime environment as well as other users on the loc…
|
CWE-200
Information Exposure
|
CVE-2016-2974
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266128
|
5.4 |
MEDIUM
Network
|
ibm
|
sametime
|
IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Sametime away message altering the intended functionality p…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2967
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266129
|
4.3 |
MEDIUM
Network
|
ibm
|
sametime
|
IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to enumerate meeting rooms by guessing the meeting room id. IBM X-Force ID: 113847.
|
CWE-200
Information Exposure
|
CVE-2016-2966
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266130
|
5.3 |
MEDIUM
Network
|
ibm
|
sametime
|
IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error message to a user that is too detailed and may reveal details about the application. IBM X-Force ID: 113813.
|
CWE-200
Information Exposure
|
CVE-2016-2964
|
2024-11-21 11:49 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
