Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-11 | CVE-2017-1740 | Cross-site Scripting vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. | 5.4 |
| 2018-01-11 | CVE-2017-1739 | Cross-site Scripting vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 is vulnerable to cross-site scripting. | 5.4 |
| 2018-01-11 | CVE-2017-1681 | Information Exposure vulnerability in IBM Liberty 3.13/3.15 IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.15) could allow a local attacker to obtain sensitive information, caused by improper handling of application requests, which could allow unauthorized access to read a file. | 3.3 |
| 2018-01-11 | CVE-2017-1478 | Information Exposure vulnerability in IBM Security Access Manager 9.0 Firmware IBM Security Access Manager Appliance 9.0.0 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2018-01-10 | CVE-2017-1623 | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting. | 6.1 |
| 2018-01-10 | CVE-2017-1534 | Open Redirect vulnerability in IBM products IBM Security Access Manager Appliance 8.0.0 and 9.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2018-01-10 | CVE-2017-1533 | Cross-site Scripting vulnerability in IBM Security Access Manager 9.0 Firmware IBM Security Access Manager Appliance 9.0.3 is vulnerable to cross-site scripting. | 6.1 |
| 2018-01-10 | CVE-2017-1459 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM products IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. | 4.2 |
| 2018-01-10 | CVE-2016-9722 | Improper Access Control vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.2 and 7.3 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. | 4.2 |
| 2018-01-09 | CVE-2017-1671 | Path Traversal vulnerability in IBM Security KEY Lifecycle Manager IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remote attacker to traverse directories on the system. | 7.5 |