Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-05 | CVE-2017-1458 | XXE vulnerability in IBM Qradar Network Security 5.4 IBM QRadar Network Security 5.4 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 8.1 |
| 2017-09-05 | CVE-2017-1457 | Cross-site Scripting vulnerability in IBM Qradar Network Security 5.4 IBM QRadar Network Security 5.4 is vulnerable to cross-site scripting. | 6.1 |
| 2017-09-05 | CVE-2017-1130 | Unspecified vulnerability in IBM Inotes IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. | 6.5 |
| 2017-09-05 | CVE-2017-1129 | Unspecified vulnerability in IBM Expeditor and Inotes IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. | 6.5 |
| 2017-09-05 | CVE-2017-1097 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2017-08-31 | CVE-2017-1450 | Open Redirect vulnerability in IBM Emptoris Sourcing IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2017-08-31 | CVE-2017-1449 | Open Redirect vulnerability in IBM Emptoris Sourcing IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.4 |
| 2017-08-31 | CVE-2017-1447 | Cross-site Scripting vulnerability in IBM Emptoris Sourcing IBM Emptoris Sourcing 9.5 - 10.1.3 is vulnerable to cross-site scripting. | 5.4 |
| 2017-08-31 | CVE-2017-1444 | Cross-site Scripting vulnerability in IBM Emptoris Sourcing IBM Emptoris Sourcing 9.5 - 10.1.3 is vulnerable to cross-site scripting. | 5.4 |
| 2017-08-30 | CVE-2017-1446 | Cross-site Scripting vulnerability in IBM Emptoris Spend Analysis IBM Emptoris Spend Analysis 9.5.0.0 through 10.1.1 is vulnerable to cross-site scripting. | 5.4 |