Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2017-02-01 CVE-2016-8938 Improper Access Control vulnerability in IBM Urbancode Deploy
IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server.
network
low complexity
ibm CWE-284
critical
 10.0
10
2017-02-01 CVE-2016-8933 Path Traversal vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
6.5
6.5
2017-02-01 CVE-2016-8932 Improper Access Control vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
network
low complexity
ibm CWE-284
8.8
8.8
2017-02-01 CVE-2016-8931 Improper Access Control vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
network
low complexity
ibm CWE-284
8.8
8.8
2017-02-01 CVE-2016-8930 SQL Injection vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
7.6
7.6
2017-02-01 CVE-2016-8929 SQL Injection vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
5.4
5.4
2017-02-01 CVE-2016-8928 SQL Injection vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
7.6
7.6
2017-02-01 CVE-2016-8919 Resource Management Errors vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server may be vulnerable to a denial of service, caused by allowing serialized objects from untrusted sources to run and cause the consumption of resources.
network
low complexity
ibm CWE-399
7.5
7.5
2017-02-01 CVE-2016-6115 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM General Parallel File System and Spectrum Scale
IBM General Parallel File System is vulnerable to a buffer overflow.
network
low complexity
ibm CWE-119
7.2
7.2
2017-02-01 CVE-2016-6110 Credentials Management vulnerability in IBM Tivoli Storage Manager
IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user.
local
low complexity
ibm CWE-255
6.5
6.5