Vulnerabilities > IBM
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2018-03-14 | CVE-2018-1441 | Cross-site Scripting vulnerability in IBM Monitoring 8.1.3/8.1.4 | IBM Application Performance Management - Response Time Monitoring Agent (IBM Monitoring 8.1.3 and 8.1.4) is vulnerable to cross-site scripting. | 6.1 |
2018-03-14 | CVE-2018-1437 | Untrusted Search Path vulnerability in IBM Notes | IBM Notes 8.5 and 9.0 could allow an attacker to execute arbitrary code on the system, caused by an error related to multiple untrusted search paths. | 7.8 |
2018-03-14 | CVE-2018-1435 | Untrusted Search Path vulnerability in IBM Notes | IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. | 7.8 |
2018-03-14 | CVE-2018-1386 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Tivoli Workload Scheduler | IBM Tivoli Workload Automation for AIX (IBM Workload Scheduler 8.6, 9.1, 9.2, 9.3, and 9.4) contains directories with improper permissions that could allow a local user with special access to gain root privileges. | 7.8 |
2018-03-14 | CVE-2017-1741 | Information Exposure vulnerability in IBM WebSphere Application Server | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console panel fields. | 4.3 |
2018-03-12 | CVE-2016-0261 | Cross-site Scripting vulnerability in IBM Care Management and Curam Social Program Management | Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0.0 before SP2 EP29, 6.0.4 before 6.0.4.6 iFix3, 6.0.5 before 6.0.5.9 iFix2, 6.1.0 before 6.1.0.1 iFix1, and 6.1.1 before 6.1.1.1 iFix1; and IBM Care Management 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
2018-03-12 | CVE-2016-0250 | XXE vulnerability in IBM InfoSphere Information Server | XML external entity (XXE) vulnerability in IBM InfoSphere Information Governance Catalog 11.3 before 11.3.1.2 and 11.5 before 11.5.0.1 allows remote authenticated users to read arbitrary files or cause a denial of service via crafted XML data. | 5.4 |
2018-03-12 | CVE-2016-0237 | Information Exposure vulnerability in IBM Security Guardium Database Activity Monitor 10.0 | IBM Security Guardium Database Activity Monitor 10 allows local users to obtain sensitive information by reading cached browser data. | 5.5 |
2018-03-12 | CVE-2016-0235 | Use of Hard-coded Credentials vulnerability in IBM Security Guardium Database Activity Monitor 10.0 | IBM Security Guardium Database Activity Monitor 10 allows local users to have unspecified impact by leveraging administrator access to a hardcoded password, related to use on GRUB systems. | 8.2 |
2018-03-09 | CVE-2016-0286 | Information Exposure vulnerability in IBM Tivoli Business Service Manager 6.1.0/6.1.1 | IBM Tivoli Business Service Manager 6.1.0 before 6.1.0-TIV-BSM-FP0004 and 6.1.1 before 6.1.1-TIV-BSM-FP0004 allows remote authenticated users to obtain administrator passwords by leveraging unspecified privileges. | 8.8 |