|
246511
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_software_architect_design_manager rational_collaborative_lifecycle_management rational_quality_manager rational_team_concert rational_doors_next_generation rational_engineerin…
|
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alteri…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1827
|
2024-11-21 13:00 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246512
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_software_architect_design_manager rational_collaborative_lifecycle_management rational_quality_manager rational_team_concert rational_doors_next_generation rational_engineerin…
|
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alteri…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1826
|
2024-11-21 13:00 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246513
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_software_architect_design_manager rational_collaborative_lifecycle_management rational_quality_manager rational_team_concert rational_doors_next_generation rational_engineerin…
|
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alteri…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1760
|
2024-11-21 13:00 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246514
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_software_architect_design_manager rational_collaborative_lifecycle_management rational_quality_manager rational_team_concert rational_doors_next_generation rational_engineerin…
|
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alteri…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1758
|
2024-11-21 13:00 |
2019-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246515
|
8.8 |
HIGH
Network
|
ibm
|
api_connect
|
IBM API Connect 5.0.0.0 through 5.0.8.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the websit…
|
CWE-352
Origin Validation Error
|
CVE-2018-1858
|
2024-11-21 13:00 |
2019-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246516
|
7.5 |
HIGH
Network
|
urbackup
|
urbackup
|
In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::ProcessPacket metadata_id!=0 assertion, leadi…
|
CWE-20
Improper Input Validation
|
CVE-2018-20013
|
2024-11-21 13:00 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246517
|
7.1 |
HIGH
Network
|
ibm
|
infosphere_information_server infosphere_governance_catalog infosphere_information_server_on_cloud infosphere_information_server_business_glossary infosphere_information_server_metadata_w…
|
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to ex…
|
CWE-611
XXE
|
CVE-2018-1845
|
2024-11-21 13:00 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246518
|
8.1 |
HIGH
Network
|
samsung
|
galaxy_apps
|
Samsung Galaxy Apps before 4.4.01.7 allows modification of the hostname used for load balancing on installations of applications through a man-in-the-middle attack. An attacker may trick Galaxy Apps …
|
CWE-295
Improper Certificate Validation
|
CVE-2018-20135
|
2024-11-21 13:00 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246519
|
9.9 |
CRITICAL
Network
|
cloudera
|
data_science_workbench
|
An SQL injection vulnerability was found in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. This would allow any authenticated user to run arbitrary queries against CDSW's internal databa…
|
CWE-89
SQL Injection
|
CVE-2018-20091
|
2024-11-21 13:00 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246520
|
7.5 |
HIGH
Network
|
urbackup
|
urbackup
|
In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::GetFileHashAndMetadata NULL pointer dereferen…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-20014
|
2024-11-21 13:00 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|