Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-6312 | 1 Ibm | 2 Rational Performance Tester, Rational Service Tester | 2017-08-28 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in IBM Rational Service Tester 8.3.x and 8.5.x before 8.5.1 and Rational Performance Tester 8.3.x and 8.5.x before 8.5.1 allows remote attackers to read arbitrary files via unknown vectors. | |||||
| CVE-2013-6314 | 1 Ibm | 2 Enterprise Records, Infosphere Enterprise Records | 2017-08-28 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in IBM InfoSphere Enterprise Records 4.5.1 before 4.5.1.7-IER-IF001 and Enterprise Records 5.1.1 before 5.1.1.1-IER-IF003 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-6315 | 1 Ibm | 2 Enterprise Records, Infosphere Enterprise Records | 2017-08-28 | 4.3 MEDIUM | N/A |
| IBM InfoSphere Enterprise Records 4.5.1 before 4.5.1.7-IER-IF001 and Enterprise Records 5.1.1 before 5.1.1.1-IER-IF003 do not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site. | |||||
| CVE-2013-6316 | 1 Ibm | 1 Websphere Portal | 2017-08-28 | 4.3 MEDIUM | N/A |
| IBM WebSphere Portal 7.0.0.x before 7.0.0.2 CF26 and 8.0.0.x before 8.0.0.1 CF09 does not properly handle content-selection changes during Taxonomy component rendering, which allows remote attackers to obtain sensitive property information in opportunistic circumstances by leveraging an error in a Web Content Manager (WCM) context processor. | |||||
| CVE-2013-6318 | 1 Ibm | 1 Algo One | 2017-08-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-6319 | 1 Ibm | 1 Algo One | 2017-08-28 | 4.0 MEDIUM | N/A |
| IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to bypass intended access restrictions and read content via unspecified vectors. | |||||
| CVE-2013-6320 | 1 Ibm | 1 Algo One | 2017-08-28 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-6299, CVE-2013-6300, CVE-2013-6301, and CVE-2013-6333. | |||||
| CVE-2013-6322 | 1 Ibm | 1 Sterling Selling And Fulfillment Foundation | 2017-08-28 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Sterling Order Management in IBM Sterling Selling and Fulfillment Suite 8.0 before HF128 and 8.5 before HF93 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-6323 | 1 Ibm | 2 Websphere Application Server, Websphere Virtual Enterprise | 2017-08-28 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 7.x before 7.0.0.33, 8.x before 8.0.0.9, and 8.5.x before 8.5.5.2, and WebSphere Virtual Enterprise 7.x before 7.0.0.5, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2013-6325 | 1 Ibm | 1 Websphere Application Server | 2017-08-28 | 4.3 MEDIUM | N/A |
| IBM WebSphere Application Server 7.x before 7.0.0.31, 8.0.x before 8.0.0.8, and 8.5.x before 8.5.5.2 allows remote attackers to cause a denial of service (resource consumption) via a crafted request to a web services endpoint. | |||||
| CVE-2013-6327 | 1 Ibm | 1 Sterling Connect Enterprise Http Option | 2017-08-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the HTTP Option in IBM Sterling Connect:Enterprise 1.3 before 1.3.0.2 iFix 1 and 1.4 before 1.4.0.0 iFix 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "cross-frame scripting" issue. | |||||
| CVE-2013-6328 | 1 Ibm | 1 Websphere Portal | 2017-08-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Web Content Manager (WCM) UI in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF26, and 8.0.0.x before 8.0.0.1 CF09 allows remote attackers to inject arbitrary web script or HTML via vectors involving IFRAME elements. | |||||
| CVE-2013-6329 | 1 Ibm | 3 Content Manager Ondemand For Multiplatforms, Global Security Kit, Security Access Manager For Web | 2017-08-28 | 7.8 HIGH | N/A |
| IBM Global Security Kit (aka GSKit), as used in Content Manager OnDemand 8.5 and 9.0 and other products, allows remote attackers to cause a denial of service via a crafted handshake during resumption of an SSLv2 session. | |||||
| CVE-2013-6330 | 1 Ibm | 1 Websphere Application Server | 2017-08-28 | 3.5 LOW | N/A |
| IBM WebSphere Application Server 7.x before 7.0.0.31, when simpleFileServlet static file caching is enabled, allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2013-6331 | 1 Ibm | 1 Algo One | 2017-08-28 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6302. | |||||
| CVE-2013-6332 | 1 Ibm | 1 Algo One | 2017-08-28 | 8.5 HIGH | N/A |
| Unrestricted file upload vulnerability in IBM Algo One UDS 4.7.0 through 5.0.0 allows remote authenticated users to execute arbitrary code by uploading a .jsp file and then launching it. | |||||
| CVE-2013-6333 | 1 Ibm | 1 Algo One | 2017-08-28 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-6299, CVE-2013-6300, CVE-2013-6301, and CVE-2013-6320. | |||||
| CVE-2013-6341 | 1 Dokeos | 1 Dokeos | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Dokeos 2.2 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the language parameter to index.php. | |||||
| CVE-2013-6370 | 2 Fedoraproject, Json-c Project | 2 Fedora, Json-c | 2017-08-28 | 5.0 MEDIUM | N/A |
| Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2013-6371 | 2 Fedoraproject, Json-c Project | 2 Fedora, Json-c | 2017-08-28 | 5.0 MEDIUM | N/A |
| The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted JSON data, involving collisions. | |||||