Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-02 | CVE-2017-1118 | Unspecified vulnerability in IBM Websphere MQ Internet Pass-Thru 2.0/2.1 IBM WebSphere MQ Internet Pass-Thru 2.0 and 2.1 could allow n attacker to cause the MQIPT to stop responding due to an incorrectly configured security policy. | 7.5 |
| 2017-08-02 | CVE-2016-9981 | Session Fixation vulnerability in IBM Security Appscan IBM AppScan Enterprise Edition 9.0 contains an unspecified vulnerability that could allow an attacker to hijack a valid user's session. | 8.1 |
| 2017-08-01 | CVE-2017-1500 | Cross-site Scripting vulnerability in IBM Mobilefirst Platform Foundation and Worklight A Reflected Cross Site Scripting (XSS) vulnerability exists in the authorization function exposed by RESTful Web Api of IBM Worklight Framework 6.1, 6.2, 6.3, 7.0, 7.1, and 8.0. | 6.1 |
| 2017-07-31 | CVE-2017-1496 | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.x is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-31 | CVE-2017-1460 | Improper Input Validation vulnerability in IBM I IBM i OSPF 6.1, 7.1, 7.2, and 7.3 is vulnerable when a rogue router spoofs its origin. | 7.5 |
| 2017-07-31 | CVE-2017-1386 | Weak Password Requirements vulnerability in IBM API Connect and API Management IBM API Connect 5.0.0.0 could allow a user to bypass policy restrictions and create non-compliant passwords which could be intercepted and decrypted using man in the middle techniques. | 5.9 |
| 2017-07-31 | CVE-2017-1370 | Information Exposure Through an Error Message vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user credentials, through an error message from the Report Builder administrator configuration page. | 4.9 |
| 2017-07-31 | CVE-2017-1332 | Cross-site Scripting vulnerability in IBM Inotes IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. | 6.1 |
| 2017-07-31 | CVE-2017-1303 | Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal and Web Content Manager 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. | 6.1 |
| 2017-07-31 | CVE-2017-1227 | Allocation of Resources Without Limits or Throttling vulnerability in IBM Bigfix Platform 9.1/9.2/9.5 IBM Tivoli Endpoint Manager could allow a unauthorized user to consume all resources and crash the system. | 7.5 |