|
272631
|
5.4 |
MEDIUM
Network
|
ibm
|
cognos_analytics
|
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially …
|
CWE-79
Cross-site Scripting
|
CVE-2016-3031
|
2024-11-21 11:49 |
2017-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272632
|
5.4 |
MEDIUM
Network
|
ibm
|
cognos_analytics
|
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially …
|
CWE-79
Cross-site Scripting
|
CVE-2016-3015
|
2024-11-21 11:49 |
2017-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272633
|
5.5 |
MEDIUM
Local
|
miniupnp_project
|
minissdpd
|
The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (invalid free and daemon crash) via vectors related to error handling.
|
CWE-416
Use After Free
|
CVE-2016-3179
|
2024-11-21 11:49 |
2017-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272634
|
5.5 |
MEDIUM
Local
|
miniupnp_project
|
minissdpd
|
The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (out-of-bounds memory access and daemon crash) via vectors involving a negative …
|
CWE-125
Out-of-bounds Read
|
CVE-2016-3178
|
2024-11-21 11:49 |
2017-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272635
|
6.8 |
MEDIUM
Physics
|
ibm
|
rational_collaborative_lifecycle_management
|
An undisclosed vulnerability in the CLM applications in IBM Jazz Team Server may allow unauthorized access to user credentials. IBM Reference #: 1999965.
|
CWE-200
Information Exposure
|
CVE-2016-2981
|
2024-11-21 11:49 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272636
|
7.5 |
HIGH
Network
|
blackberry
|
good_control_server
|
An information disclosure vulnerability in the logging implementation of BlackBerry Good Control Server versions earlier than 2.3.53.62 allows remote attackers to gain and use logged encryption keys …
|
CWE-200
Information Exposure
|
CVE-2016-3127
|
2024-11-21 11:49 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272637
|
5.9 |
MEDIUM
Network
|
ibm
|
websphere_mq
|
Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques.
|
CWE-200
Information Exposure
|
CVE-2016-3052
|
2024-11-21 11:49 |
2017-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272638
|
6.5 |
MEDIUM
Network
|
ibm
|
websphere_mq
|
IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661.
|
CWE-19
Data Processing Errors
|
CVE-2016-3013
|
2024-11-21 11:49 |
2017-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272639
|
7.3 |
HIGH
Network
|
jenkins
|
script_security
|
The Script Security plugin before 1.18.1 in Jenkins might allow remote attackers to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set arra…
|
CWE-254
7PK - Security Features
|
CVE-2016-3102
|
2024-11-21 11:49 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272640
|
5.4 |
MEDIUM
Network
|
jenkins
|
extra_columns
|
Cross-site scripting (XSS) vulnerability in the Extra Columns plugin before 1.17 in Jenkins allows remote attackers to inject arbitrary web script or HTML by leveraging failure to filter tool tips th…
|
CWE-79
Cross-site Scripting
|
CVE-2016-3101
|
2024-11-21 11:49 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
