Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-12 | CVE-2016-8947 | Open Redirect vulnerability in IBM Emptoris Sourcing IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2017-07-12 | CVE-2016-8946 | Cross-site Scripting vulnerability in IBM Emptoris Sourcing IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-12 | CVE-2016-6114 | Cross-site Scripting vulnerability in IBM Emptoris Sourcing IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-10 | CVE-2017-1398 | Open Redirect vulnerability in IBM Websphere Commerce IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 6.0, 7.0, and 8.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2017-07-10 | CVE-2017-1337 | Insufficiently Protected Credentials vulnerability in IBM Websphere MQ 9.0.1/9.0.2 IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly transmit user credentials in plain text. | 8.1 |
| 2017-07-10 | CVE-2017-1284 | Information Exposure vulnerability in IBM Websphere MQ 9.0.1/9.0.2 IBM WebSphere MQ 9.0.1 and 9.0.2 could allow a local user with ability to run or enable trace, to obtain sensitive information from WebSphere Application Server traces including user credentials. | 4.7 |
| 2017-07-06 | CVE-2017-1236 | Improper Input Validation vulnerability in IBM Websphere MQ 9.0.2 IBM WebSphere MQ 9.0.2 could allow an authenticated user to potentially cause a denial of service by saving an incorrect channel status inquiry. | 6.5 |
| 2017-07-05 | CVE-2017-1264 | Improper Authentication vulnerability in IBM Security Guardium IBM Security Guardium 10.0 does not prove or insufficiently proves that the actors identity is correct which can lead to exposure of resources or functionality to unintended actors. | 7.5 |
| 2017-07-05 | CVE-2017-1254 | XXE vulnerability in IBM Security Guardium IBM Security Guardium 10.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 7.1 |
| 2017-07-05 | CVE-2017-1253 | OS Command Injection vulnerability in IBM Security Guardium IBM Security Guardium 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 9.9 |