Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-27 | CVE-2017-1570 | Information Exposure vulnerability in IBM products IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from stack traces. | 4.3 |
| 2017-11-27 | CVE-2017-1560 | Cross-site Scripting vulnerability in IBM Rational Doors Next Generation IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-11-27 | CVE-2017-1484 | Information Exposure vulnerability in IBM Websphere Commerce IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 could allow an authenticated attacker to obtain information such as user personal data. | 4.3 |
| 2017-11-27 | CVE-2017-1461 | Cross-site Scripting vulnerability in IBM Rational Doors Next Generation IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-11-27 | CVE-2017-1283 | Missing Release of Resource after Effective Lifetime vulnerability in IBM Websphere MQ IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a shared memory leak by MQ applications using dynamic queues, which can lead to lack of resources for other MQ applications. | 4.3 |
| 2017-11-27 | CVE-2017-1251 | Information Exposure vulnerability in IBM products An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. | 4.3 |
| 2017-11-27 | CVE-2017-1240 | Information Exposure vulnerability in IBM products IBM Rhapsody DM products could reveal sensitive information in HTTP 500 Internal Server Error responses. | 4.3 |
| 2017-11-27 | CVE-2016-6024 | Information Exposure vulnerability in IBM products IBM Jazz technology based products might divulge information that might be useful in helping attackers through error messages. | 4.3 |
| 2017-11-13 | CVE-2017-1710 | Unspecified vulnerability in IBM products A vulnerability in the Service Assistant GUI in IBM Storwize V7000 (2076) 8.1 could allow a remote attacker to perform a privilege escalation. | 9.8 |
| 2017-11-13 | CVE-2017-1477 | XXE vulnerability in IBM Security Access Manager 9.0 Firmware 9.0.3.0 IBM Security Access Manager Appliance 9.0.3 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 8.1 |