Filtered by vendor Ibm
Subscribe
Total
6536 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-8918 | 1 Ibm | 1 Security Appscan | 2017-09-07 | 5.8 MEDIUM | N/A |
| IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-8920 | 1 Ibm | 1 I Access | 2017-09-07 | 7.2 HIGH | N/A |
| Buffer overflow in the Data Transfer Program in IBM i Access 5770-XE1 5R4, 6.1, and 7.1 on Windows allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2014-8911 | 1 Ibm | 1 Content Navigator | 2017-09-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.0 and 2.0.1 before 2.0.1.2 FP002 IF003 and 2.0.3 before 2.0.3.2 FP002 allows remote attackers to inject arbitrary web script or HTML via the Accept-Language HTTP header. | |||||
| CVE-2015-0108 | 1 Ibm | 11 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 8 more | 2017-09-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.8, and Maximo Asset Management 7.1 through 7.1.1.8 and 7.2 for Tivoli IT Asset Management for IT and certain other products, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-0104, CVE-2015-0107, and CVE-2015-0109. | |||||
| CVE-2015-0109 | 1 Ibm | 11 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 8 more | 2017-09-07 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.8, and Maximo Asset Management 7.1 through 7.1.1.8 and 7.2 for Tivoli IT Asset Management for IT and certain other products, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-0104, CVE-2015-0107, and CVE-2015-0108. | |||||
| CVE-2015-7450 | 1 Ibm | 1 Tivoli Common Reporting | 2017-09-07 | 10.0 HIGH | 9.8 CRITICAL |
| Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransformer class in the Apache Commons Collections library. | |||||
| CVE-2015-7490 | 1 Ibm | 1 Infosphere Information Server | 2017-09-07 | 3.5 LOW | 3.1 LOW |
| IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3 through 11.3.1.2, and 11.5 allows remote authenticated users to bypass intended access restrictions via a modified cookie. | |||||
| CVE-2017-1097 | 1 Ibm | 1 Emptoris Strategic Supply Management | 2017-09-07 | 6.8 MEDIUM | 8.8 HIGH |
| IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 120657. | |||||
| CVE-2016-0354 | 1 Ibm | 1 Sametime | 2017-09-06 | 6.0 MEDIUM | 5.5 MEDIUM |
| IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user to upload a malicious file to a Sametime meeting room, that could be downloaded by unsuspecting users which could be executed with user privileges. IBM X-Force ID: 111893. | |||||
| CVE-2016-0355 | 1 Ibm | 1 Sametime | 2017-09-06 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-site request forgery. IBM X-Force ID: 111894. | |||||
| CVE-2016-0356 | 1 Ibm | 1 Sametime | 2017-09-06 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-site request forgery. IBM X-Force ID: 111895. | |||||
| CVE-2016-2959 | 1 Ibm | 1 Sametime | 2017-09-06 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting room manager to remove the primary managers privileges. IBM X-Force ID: 113804. | |||||
| CVE-2016-2965 | 1 Ibm | 1 Sametime | 2017-09-06 | 4.3 MEDIUM | 6.5 MEDIUM |
| IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious link, a remote attacker could force the user to log out of Sametime. IBM X-Force ID: 113846. | |||||
| CVE-2016-2969 | 1 Ibm | 1 Sametime | 2017-09-06 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Sametime Meeting Server 8.5.2 and 9.0 may send replies that contain emails of people that should not be in these messages. IBM X-Force ID: 113850. | |||||
| CVE-2016-2971 | 1 Ibm | 1 Sametime | 2017-09-06 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Sametime Media Services 8.5.2 and 9.0 can disclose sensitive information in stack trace error logs that could aid an attacker in future attacks. IBM X-Force ID: 113898. | |||||
| CVE-2016-2972 | 1 Ibm | 1 Sametime | 2017-09-06 | 2.1 LOW | 7.8 HIGH |
| IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of the Sametime Meetings user in the local cache of their browser which could be accessed by a local user. IBM X-Force ID: 113855. | |||||
| CVE-2016-2973 | 1 Ibm | 1 Sametime | 2017-09-06 | 3.5 LOW | 5.4 MEDIUM |
| IBM Sametime Media Services 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 113899. | |||||
| CVE-2016-2977 | 1 Ibm | 1 Sametime | 2017-09-06 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a malicious user to lower other users hands in the meeting. IBM X-Force ID: 113937. | |||||
| CVE-2016-2979 | 1 Ibm | 1 Sametime | 2017-09-06 | 3.5 LOW | 5.4 MEDIUM |
| IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 113945. | |||||
| CVE-2015-0114 | 1 Ibm | 1 I Access For Windows | 2017-09-05 | 4.6 MEDIUM | 7.8 HIGH |
| Stack-based buffer overflow in IBM V5R4, and IBM i Access for Windows 6.1 and 7.1. | |||||