Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-07 | CVE-2016-9728 | SQL Injection vulnerability in IBM Qradar Security Information and Event Manager IBM Qradar 7.2 is vulnerable to SQL injection. | 7.5 |
| 2017-03-07 | CVE-2016-9727 | Improper Input Validation vulnerability in IBM products IBM QRadar 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 8.5 |
| 2017-03-07 | CVE-2016-9726 | Improper Input Validation vulnerability in IBM products IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 8.8 |
| 2017-03-07 | CVE-2016-9725 | Information Exposure vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar Incident Forensics 7.2 allows for Cross-Origin Resource Sharing (CORS), which is a mechanism that allows web sites to request resources from external sites, avoiding the need to duplicate them. | 5.3 |
| 2017-03-07 | CVE-2016-9724 | XXE vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. | 8.1 |
| 2017-03-07 | CVE-2016-9723 | Cross-site Scripting vulnerability in IBM products IBM QRadar 7.2 is vulnerable to cross-site scripting. | 6.1 |
| 2017-03-07 | CVE-2016-9720 | Information Exposure vulnerability in IBM products IBM QRadar 7.2 discloses sensitive information to unauthorized users. | 5.3 |
| 2017-03-07 | CVE-2016-9693 | Improper Input Validation vulnerability in IBM Business Process Manager IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download capability that is vulnerable to a set of attacks. | 6.1 |
| 2017-03-07 | CVE-2016-8971 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Websphere MQ IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. | 6.5 |
| 2017-03-07 | CVE-2016-8940 | Information Exposure vulnerability in IBM Tivoli Storage Manager IBM Tivoli Storage Manager (IBM Spectrum Protect) 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. | 8.8 |