|
268561
|
5.4 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5899
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268562
|
4.3 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Reporting Service (JRS) could allow a remote attacker to obtain sensitive information, caused by not restricting JSON serialization. By sending a direct request, an attacker could exploit th…
|
CWE-254
7PK - Security Features
|
CVE-2016-5898
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268563
|
5.4 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Reporting Service (JRS) is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the secur…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5897
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268564
|
5.3 |
MEDIUM
Network
|
ibm
|
maximo_for_transportation
maximo_for_life_sciences
maximo_for_oil_and_gas
maximo_for_aviation
maximo_asset_management
maximo_for_nuclear_power
|
IBM Maximo Asset Management could disclose sensitive information from a stack trace after submitting incorrect login onto Cognos browser.
|
CWE-200
Information Exposure
|
CVE-2016-5896
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268565
|
6.1 |
MEDIUM
Network
|
ibm
|
inotes
domino
|
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cred…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5884
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268566
|
6.1 |
MEDIUM
Network
|
ibm
|
inotes
domino
|
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cred…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5882
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268567
|
5.4 |
MEDIUM
Network
|
ibm
|
inotes
domino
|
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cred…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5880
|
2024-11-21 11:55 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268568
|
5.9 |
MEDIUM
Network
|
openvpn
|
openvpn
|
OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-ov…
|
CWE-310
CWE-200
Cryptographic Issues
Information Exposure
|
CVE-2016-6329
|
2024-11-21 11:55 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268569
|
6.1 |
MEDIUM
Network
|
atlassian
|
jira
|
Cross-site scripting (XSS) vulnerability in includes/decorators/global-translations.jsp in Atlassian JIRA before 7.2.2 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6285
|
2024-11-21 11:55 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268570
|
8.8 |
HIGH
Network
|
trendmicro
|
virtual_mobile_infrastructure
|
The handle_certificate function in /vmi/manager/engine/management/commands/apns_worker.py in Trend Micro Virtual Mobile Infrastructure before 5.1 allows remote authenticated users to execute arbitrar…
|
CWE-77
Command Injection
|
CVE-2016-6270
|
2024-11-21 11:55 |
2017-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
