|
280541
|
7.5 |
HIGH
Network
|
ibm
|
emptoris_contract_management
|
IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote attackers…
|
CWE-20
Improper Input Validation
|
CVE-2015-5042
|
2024-11-21 11:32 |
2016-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280542
|
7.5 |
HIGH
Network
|
ibm
|
security_access_manager_for_web_7.0_firmware
security_access_manager_for_web_8.0_firmware
security_access_manager_9.0_firmware
|
The SSH implementation on IBM Security Access Manager for Web appliances 7.0 before 7.0.0 FP19, 8.0 before 8.0.1.3 IF3, and 9.0 before 9.0.0.0 IF1 does not properly restrict the set of MAC algorithms…
|
CWE-310
Cryptographic Issues
|
CVE-2015-5012
|
2024-11-21 11:32 |
2016-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280543
|
7.5 |
HIGH
Network
|
ibm
|
security_access_manager_for_web_8.0_firmware
security_access_manager_for_web_7.0_firmware
security_access_manager_9.0_firmware
|
IBM Security Access Manager for Web 7.0 before 7.0.0 IF21, 8.0 before 8.0.1.3 IF4, and 9.0 before 9.0.0.1 IF1 does not have a lockout mechanism for invalid login attempts, which makes it easier for r…
|
CWE-254
7PK - Security Features
|
CVE-2015-5010
|
2024-11-21 11:32 |
2016-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280544
|
4.0 |
MEDIUM
Local
|
ibm
|
spss_modeler
|
IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through FP1 IF018, and 17.1 through IF008 includes unspecified cleartext data in memory dumps, which allows loc…
|
CWE-200
Information Exposure
|
CVE-2015-4991
|
2024-11-21 11:32 |
2016-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280545
|
5.4 |
MEDIUM
Network
|
ibm
|
qradar_security_information_and_event_manager
|
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4957
|
2024-11-21 11:32 |
2016-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280546
|
7.4 |
HIGH
Network
|
ibm
|
qradar_security_information_and_event_manager
|
The Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated users to execute unspecified OS commands via unknown vectors.
|
CWE-78
OS Command
|
CVE-2015-4956
|
2024-11-21 11:32 |
2016-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280547
|
9.8 |
CRITICAL
Network
|
apache
|
camel
|
The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.
|
CWE-19
Data Processing Errors
|
CVE-2015-5344
|
2024-11-21 11:32 |
2016-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280548
|
- |
|
oracle
|
e-business_suite
|
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.1, and 12.2 allows remote attackers to affect integrity via vectors related to UIX.
|
NVD-CWE-noinfo
|
CVE-2015-4926
|
2024-11-21 11:32 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280549
|
- |
|
oracle
|
database_server
|
Unspecified vulnerability in the Workspace Manager component in Oracle Database Server 11.2.0.4 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown ve…
|
NVD-CWE-noinfo
|
CVE-2015-4925
|
2024-11-21 11:32 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280550
|
- |
|
oracle
|
supply_chain_products_suite
|
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect integrity via vectors …
|
NVD-CWE-noinfo
|
CVE-2015-4924
|
2024-11-21 11:32 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
