Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-24 | CVE-2017-1245 | Cross-site Scripting vulnerability in IBM Rational Software Architect Design Manager IBM Rational Software Architect Design Manager 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-24 | CVE-2016-8975 | Cross-site Scripting vulnerability in IBM Rhapsody Design Manager IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-24 | CVE-2016-6118 | Cross-site Scripting vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-21 | CVE-2017-1381 | Information Exposure vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Proxy Server or On-demand-router (ODR) 7.0, 8.0, 8.5, 9.0 and could allow a local attacker to obtain sensitive information, caused by stale data being cached and then served. | 3.3 |
| 2017-07-21 | CVE-2017-1374 | Information Exposure vulnerability in IBM Tririga Application Platform Sensitive data can be exposed in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 that can lead to an attacker gaining unauthorized access to the system. | 6.5 |
| 2017-07-21 | CVE-2017-1373 | Unspecified vulnerability in IBM Tririga Application Platform Reports executed in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contains a vulnerability that could allow an authenticated user to execute a report they do not have access to. | 8.8 |
| 2017-07-21 | CVE-2017-1372 | Cross-site Scripting vulnerability in IBM Tririga Application Platform IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-21 | CVE-2017-1371 | Unspecified vulnerability in IBM Tririga Application Platform Builder tools running in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contains a vulnerability that could allow an authenticated user to execute Builder tool actions they do not have access to. | 8.8 |
| 2017-07-21 | CVE-2017-1267 | Improper Input Validation vulnerability in IBM Security Guardium IBM Security Guardium 10.0 and 10.1 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code. | 7.5 |
| 2017-07-19 | CVE-2017-1309 | Cleartext Storage of Sensitive Information vulnerability in IBM Infosphere Master Data Management Server IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in clear text which can be read by a local user. | 7.8 |