Vulnerabilidades em IBM Corporation

288 resultados

CVE-2017-1194—IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site request forgery which could allow an attacker to executeEPSS 0.9%CVE-2016-5902—IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in theEPSS 0.9%CVE-2016-6096—IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitraEPSS 0.9%CVE-2016-9725—IBM QRadar Incident Forensics 7.2 allows for Cross-Origin Resource Sharing (CORS), which is a mechanism that allows web sites to request resEPSS 0.9%CVE-2016-9720—IBM QRadar 7.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBEPSS 0.9%CVE-2016-5900—IBM Tealeaf Customer Experience on Cloud Network Capture Add-On could allow a remote attacker to obtain sensitive information, caused by theEPSS 0.9%CVE-2016-2866—An unspecified vulnerability in IBM Jazz Team Server may disclose some deployment information to an authenticated user.EPSS 0.9%CVE-2016-8961—IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to EPSS 0.9%CVE-2016-9994—IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statemenEPSS 0.9%CVE-2016-9992—IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statemenEPSS 0.9%CVE-2016-9993—IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statemenEPSS 0.9%CVE-2016-5984—IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker cEPSS 0.9%CVE-2016-8915—IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels runningEPSS 0.8%CVE-2016-3045—IBM Security Access Manager for Web stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized EPSS 0.8%CVE-2016-5953—IBM Sterling Order Management transmits the session identifier within the URL. When a user is unable to view a certain view due to not beingEPSS 0.8%CVE-2016-8926—IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to read system files or data that is restricEPSS 0.8%CVE-2016-3052—Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted EPSS 0.8%CVE-2016-9750—IBM QRadar 7.2 and 7.3 stores user credentials in plain in clear text which can be read by an authenticated user. IBM X-Force ID: 120207.EPSS 0.8%CVE-2016-2942—IBM UrbanCode Deploy could allow an authenticated attacker with special permissions to craft a script on the server in a way that will causeEPSS 0.8%CVE-2016-9009—IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clusteriEPSS 0.8%

← anteriorpágina 7 / 15próxima →