Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-01 | CVE-2016-8931 | Improper Access Control vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. | 8.8 |
| 2017-02-01 | CVE-2016-8930 | SQL Injection vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud is vulnerable to SQL injection. | 7.6 |
| 2017-02-01 | CVE-2016-8929 | SQL Injection vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud is vulnerable to SQL injection. | 5.4 |
| 2017-02-01 | CVE-2016-8928 | SQL Injection vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud is vulnerable to SQL injection. | 7.6 |
| 2017-02-01 | CVE-2016-8919 | Resource Management Errors vulnerability in IBM Websphere Application Server IBM WebSphere Application Server may be vulnerable to a denial of service, caused by allowing serialized objects from untrusted sources to run and cause the consumption of resources. | 7.5 |
| 2017-02-01 | CVE-2016-6115 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM General Parallel File System and Spectrum Scale IBM General Parallel File System is vulnerable to a buffer overflow. | 7.2 |
| 2017-02-01 | CVE-2016-6110 | Credentials Management vulnerability in IBM Tivoli Storage Manager IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user. | 6.5 |
| 2017-02-01 | CVE-2016-6068 | Information Exposure vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy could allow an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties. | 7.5 |
| 2017-02-01 | CVE-2016-6001 | Server-Side Request Forgery (SSRF) vulnerability in IBM Forms Experience Builder 8.5/8.5.1/8.6.0 IBM Forms Experience Builder could be susceptible to a server-side request forgery (SSRF) from the application design interface allowing for some information disclosure of internal resources. | 3.1 |
| 2017-02-01 | CVE-2016-5953 | Information Exposure vulnerability in IBM Sterling Selling and Fulfillment Foundation IBM Sterling Order Management transmits the session identifier within the URL. | 3.7 |