|
267471
|
4.3 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Reporting Service (JRS) could allow a remote attacker to obtain sensitive information, caused by not restricting JSON serialization. By sending a direct request, an attacker could exploit th…
|
CWE-254
7PK - Security Features
|
CVE-2016-5898
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267472
|
5.4 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Reporting Service (JRS) is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the secur…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5897
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267473
|
5.3 |
MEDIUM
Network
|
ibm
|
maximo_for_transportation
maximo_for_life_sciences
maximo_for_oil_and_gas
maximo_for_aviation
maximo_asset_management
maximo_for_nuclear_power
|
IBM Maximo Asset Management could disclose sensitive information from a stack trace after submitting incorrect login onto Cognos browser.
|
CWE-200
Information Exposure
|
CVE-2016-5896
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267474
|
6.1 |
MEDIUM
Network
|
ibm
|
inotes
domino
|
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cred…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5884
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267475
|
6.1 |
MEDIUM
Network
|
ibm
|
inotes
domino
|
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cred…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5882
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267476
|
5.4 |
MEDIUM
Network
|
ibm
|
inotes
domino
|
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cred…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5880
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267477
|
5.9 |
MEDIUM
Network
|
openvpn
|
openvpn
|
OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-ov…
|
CWE-310
CWE-200
Cryptographic Issues
Information Exposure
|
CVE-2016-6329
|
2024-11-21 11:55 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267478
|
6.1 |
MEDIUM
Network
|
atlassian
|
jira
|
Cross-site scripting (XSS) vulnerability in includes/decorators/global-translations.jsp in Atlassian JIRA before 7.2.2 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6285
|
2024-11-21 11:55 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267479
|
8.8 |
HIGH
Network
|
trendmicro
|
virtual_mobile_infrastructure
|
The handle_certificate function in /vmi/manager/engine/management/commands/apns_worker.py in Trend Micro Virtual Mobile Infrastructure before 5.1 allows remote authenticated users to execute arbitrar…
|
CWE-77
Command Injection
|
CVE-2016-6270
|
2024-11-21 11:55 |
2017-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267480
|
9.1 |
CRITICAL
Network
|
trendmicro
|
smart_protection_server
|
Multiple directory traversal vulnerabilities in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allow remote attackers to read and delete a…
|
CWE-22
Path Traversal
|
CVE-2016-6269
|
2024-11-21 11:55 |
2017-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
