Vulnerabilities > IBM

DATE CVE VULNERABILITY TITLE RISK
2017-08-29 CVE-2016-9732 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0, 6.1, 6.2 and 7.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-08-29 CVE-2016-2970 Information Exposure vulnerability in IBM Sametime
IBM Sametime 8.5 and 9.0 meetings server may provide detailed information in an error message that may provide details about the application to possible attackers.
network
low complexity
ibm CWE-200
4.3
2017-08-28 CVE-2015-0114 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM i Access for Windows 5.4/6.1/7.1
Stack-based buffer overflow in IBM V5R4, and IBM i Access for Windows 6.1 and 7.1.
local
low complexity
ibm CWE-119
7.8
2017-08-28 CVE-2015-0101 Cross-site Scripting vulnerability in IBM Business Process Manager
Cross-site scripting (XSS) vulnerability in IBM Business Process Manager Standard 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5; IBM Business Process Manager Express 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5; and IBM Business Process Manager Advanced 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5.
network
low complexity
ibm CWE-79
6.1
2017-08-28 CVE-2014-8900 Cross-Site Request Forgery (CSRF) vulnerability in IBM UrbanCode Deploy
Cross-site request forgery (CSRF) vulnerability in IBM UrbanCode Release 6.0.1.6 and earlier, 6.1.0.7 and earlier, and 6.1.1.1 and earlier.
network
low complexity
ibm CWE-352
8.8
2017-08-25 CVE-2014-9564 CRLF Injection vulnerability in IBM EN6131 Firmware and IB6131 Firmware
CRLF injection vulnerability in IBM Flex System EN6131 40Gb Ethernet and IB6131 40Gb Infiniband Switch firmware before 3.4.1110 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks and resulting web cache poisoning or cross-site scripting (XSS) attacks, or obtain sensitive information via multiple unspecified parameters.
network
low complexity
ibm CWE-93
6.1
2017-08-22 CVE-2017-1422 Information Exposure vulnerability in IBM MaaS360 DTM 3.81
IBM MaaS360 DTM all versions up to 3.81 does not perform proper verification for user rights of certain applications which could disclose sensitive information.
local
low complexity
ibm CWE-200
3.3
2017-08-22 CVE-2014-6189 Cross-site Scripting vulnerability in IBM products
Cross-site scripting (XSS) vulnerability in IBM Security Network Protection 3100, 4100, 5100, and 7100 devices with firmware 5.2 before 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0008 and 5.3 before 5.3.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
ibm CWE-79
6.1
2017-08-18 CVE-2017-1501 Information Exposure vulnerability in IBM WebSphere Application Server
IBM WebSphere Application Server 8.0, 8.5, and 9.0 could provide weaker than expected security after using the Admin Console to update the web services security bindings settings.
network
high complexity
ibm CWE-200
5.9
2017-08-18 CVE-2017-1338 Cross-site Scripting vulnerability in IBM products
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4