|
268531
|
5.4 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leadin…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6054
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268532
|
5.4 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6047
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268533
|
5.4 |
MEDIUM
Network
|
ibm
|
tivoli_storage_manager
|
IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functio…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6046
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268534
|
8.8 |
HIGH
Network
|
ibm
|
tivoli_storage_manager
|
IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the w…
|
CWE-352
Origin Validation Error
|
CVE-2016-6045
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268535
|
4.3 |
MEDIUM
Network
|
ibm
|
tivoli_storage_manager
|
IBM Tivoli Storage Manager Operations Center could allow an authenticated attacker to enable or disable the application's REST API, which may let the attacker violate security policy.
|
CWE-284
Improper Access Control
|
CVE-2016-6044
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268536
|
7.0 |
HIGH
Local
|
ibm
|
tivoli_storage_manager
|
Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being enforced.
|
CWE-384
Session Fixation
|
CVE-2016-6043
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268537
|
7.3 |
HIGH
Local
|
ibm
|
security_appscan
|
IBM AppScan Enterprise Edition could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of objects in memory. By persuading a victim to open specially-crafte…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6042
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268538
|
5.0 |
MEDIUM
Network
|
ibm
|
rational_collaborative_lifecycle_management
|
IBM Jazz Foundation could allow an authenticated user to take over a previously logged in user due to session expiration not being enforced.
|
CWE-384
Session Fixation
|
CVE-2016-6040
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268539
|
5.4 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6039
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268540
|
6.8 |
MEDIUM
Network
|
ibm
|
tivoli_storage_manager_for_virtual_environments_data_protection_for_vmware
|
IBM Tivoli Storage Manager for Virtual Environments (VMware) could disclose the Windows domain credentials to a user with a high level of privileges.
|
CWE-200
Information Exposure
|
CVE-2016-6034
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
