|
268521
|
6.1 |
MEDIUM
Network
|
ibm
|
inotes
domino
|
IBM Verse is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to crede…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6113
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268522
|
9.8 |
CRITICAL
Network
|
ibm
|
websphere_commerce
|
IBM WebSphere Commerce contains an unspecified vulnerability that could allow disclosure of user personal data, performing of unauthorized administrative operations, and potentially causing a denial …
|
NVD-CWE-noinfo
|
CVE-2016-6090
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268523
|
6.5 |
MEDIUM
Adjacent
|
ibm
|
bigfix_platform
|
IBM BigFix Platform could allow an attacker on the local network to crash the BES and relay servers.
|
CWE-284
Improper Access Control
|
CVE-2016-6085
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268524
|
6.5 |
MEDIUM
Adjacent
|
ibm
|
bigfix_platform
|
IBM BigFix Platform could allow an attacker on the local network to crash the BES server using a specially crafted XMLSchema request.
|
CWE-20
Improper Input Validation
|
CVE-2016-6084
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268525
|
10.0 |
CRITICAL
Network
|
ibm
|
bigfix_platform
|
IBM BigFix Platform could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free race condition. An attacker could exploit this vulnerability to execute arbitrary…
|
CWE-416
Use After Free
|
CVE-2016-6082
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268526
|
5.3 |
MEDIUM
Network
|
ibm
|
websphere_message_broker
|
The WebAdmin context for WebSphere Message Broker allows directory listings which could disclose sensitive information to the attacker.
|
CWE-200
Information Exposure
|
CVE-2016-6080
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268527
|
5.4 |
MEDIUM
Network
|
ibm
|
maximo_for_transportation
maximo_for_life_sciences
maximo_for_aviation
tivoli_asset_management_for_it
smartcloud_control_desk
tivoli_change_and_configuration_management_database
tiv…
|
IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentiall…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6072
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268528
|
7.8 |
HIGH
Local
|
ibm
|
security_guardium
|
IBM Security Guardium Database Activity Monitor appliance could allow a local user to inject commands that would be executed as root.
|
CWE-78
OS Command
|
CVE-2016-6065
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268529
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_collaborative_lifecycle_management
|
IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leadin…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6061
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268530
|
8.1 |
HIGH
Network
|
ibm
|
infosphere_information_server
infosphere_datastage
infosphere_information_server_on_cloud
|
IBM InfoSphere Information Server is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerabi…
|
CWE-611
XXE
|
CVE-2016-6059
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
