Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-22 | CVE-2017-1159 | Open Redirect vulnerability in IBM Business Process Manager IBM Business Process Manager 8.0 and 8.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.4 |
| 2017-05-22 | CVE-2017-1092 | Unspecified vulnerability in IBM Informix Open Admin Tool 11.5/11.7/12.1 IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. | 9.8 |
| 2017-05-22 | CVE-2016-6112 | Permissions, Privileges, and Access Controls vulnerability in IBM products IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. | 8.8 |
| 2017-05-15 | CVE-2016-9750 | Credentials Management vulnerability in IBM Qradar Security Information and Event Manager 7.2.0/7.3.0 IBM QRadar 7.2 and 7.3 stores user credentials in plain in clear text which can be read by an authenticated user. | 6.5 |
| 2017-05-15 | CVE-2016-9735 | Information Exposure vulnerability in IBM products IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. | 4.3 |
| 2017-05-15 | CVE-2016-5979 | Permissions, Privileges, and Access Controls vulnerability in IBM Distributed Marketing IBM Distributed Marketing 8.6, 9.0, and 10.0 could allow a privileged authenticated user to create an instance that gets created with security profile not valid for the templates, that results in the new instance not accessible for the intended user. | 2.7 |
| 2017-05-10 | CVE-2017-1137 | Unspecified vulnerability in IBM Websphere Application Server 8.0/8.5/8.5.5 IBM WebSphere Application Server 8.0 and 8.5.5 could provide weaker than expected security. | 8.1 |
| 2017-05-10 | CVE-2017-1103 | XXE vulnerability in IBM Rational Quality Manager and Rational Team Concert IBM Team Concert (RTC) is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. | 8.1 |
| 2017-05-10 | CVE-2016-6037 | Cross-site Scripting vulnerability in IBM Rational Quality Manager and Rational Team Concert IBM Rational Team Concert (RTC) is vulnerable to HTML injection. | 4.8 |
| 2017-05-10 | CVE-2016-6035 | Cross-site Scripting vulnerability in IBM Rational Quality Manager and Rational Team Concert IBM Rational Quality Manager is vulnerable to cross-site scripting. | 5.4 |