Vulnerabilities in IBM Corporation
288 results

CVE-2016-3032—IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the W... (EPSS 0.5%)
CVE-2016-6040—IBM Jazz Foundation could allow an authenticated user to take over a previously logged in user due to session expiration not being enforced. (EPSS 0.5%)
CVE-2016-6085—IBM BigFix Platform could allow an attacker on the local network to crash the BES and relay servers. (EPSS 0.5%)
CVE-2016-8942—IBM Tivoli Storage Productivity Center could allow an authenticated user with intimate knowledge of the system to edit a limited set of prop... (EPSS 0.5%)
CVE-2016-9975—IBM Jazz for Service Management 1.1.2.1 and 1.1.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malic... (EPSS 0.5%)
CVE-2016-3029—IBM Security Access Manager for Web is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unaut... (EPSS 0.5%)
CVE-2016-5889—IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unau... (EPSS 0.5%)
CVE-2016-5985—The IBM Tivoli Storage Manager (IBM Spectrum Protect) AIX client is vulnerable to a buffer overflow when Journal-Based Backup is enabled. A... (EPSS 0.4%)
CVE-2016-6065—IBM Security Guardium Database Activity Monitor appliance could allow a local user to inject commands that would be executed as root. (EPSS 0.4%)
CVE-2017-1093—IBM AIX 6.1, 7.1, and 7.2 could allow a local user to exploit a vulnerability in the bellmail binary to gain root privileges. (EPSS 0.4%)
CVE-2016-9739—IBM Security Identity Manager Virtual Appliance stores user credentials in clear text which can be read by a local user. (EPSS 0.4%)
CVE-2016-2941—IBM UrbanCode Deploy creates temporary files during step execution that could contain sensitive information including passwords that could b... (EPSS 0.4%)
CVE-2016-8944—IBM AIX 7.1 and 7.2 allows a local user to open a file with a specially crafted argument that would crash the system. IBM APARs: IV91488, IV... (EPSS 0.4%)
CVE-2015-7418—IBM WebSphere eXtreme Scale and the WebSphere DataPower XC10 Appliance allow some sensitive data to linger in memory instead of being overwr... (EPSS 0.4%)
CVE-2016-3016—IBM Security Access Manager for Web processes patches, image backups and other updates without sufficiently verifying the origin and integri... (EPSS 0.4%)
CVE-2016-0203—A vulnerability has been identified in the IBM Cloud Orchestrator task API. The task API might allow an authenticated user to view backgroun... (EPSS 0.4%)
CVE-2015-1976—IBM Security Directory Server could allow an authenticated user to execute commands into the web administration tool that would cause the to... (EPSS 0.3%)
CVE-2016-9730—IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unautho... (EPSS 0.3%)
CVE-2016-9703—IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical acce... (EPSS 0.3%)
CVE-2016-0371—The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled. (EPSS 0.3%)