Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-01 | CVE-2016-2987 | Information Exposure vulnerability in IBM products An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. | 4.3 |
| 2017-02-01 | CVE-2016-2939 | Cross-site Scripting vulnerability in IBM Domino and Inotes IBM iNotes is vulnerable to cross-site scripting. | 6.1 |
| 2017-02-01 | CVE-2016-2938 | Cross-site Scripting vulnerability in IBM Domino and Inotes IBM iNotes is vulnerable to cross-site scripting. | 6.1 |
| 2017-02-01 | CVE-2016-2908 | XXE vulnerability in IBM products IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML parser. | 9.1 |
| 2017-02-01 | CVE-2016-0396 | Command Injection vulnerability in IBM Bigfix Platform IBM Tivoli Endpoint Manager could allow a user under special circumstances to inject commands that would be executed with unnecessary higher privileges than expected. | 8.1 |
| 2017-02-01 | CVE-2016-0394 | Permission Issues vulnerability in IBM Integration BUS and Websphere Message Broker IBM Integration Bus and WebSphere Message broker sets incorrect permissions for an object that could allow a local attacker to manipulate certain files. | 3.3 |
| 2017-02-01 | CVE-2016-0297 | Information Exposure vulnerability in IBM Bigfix Platform IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) could allow a remote attacker to obtain sensitive information due to a missing HTTP Strict-Transport-Security Header through man in the middle techniques. | 3.7 |
| 2017-02-01 | CVE-2016-0296 | Information Exposure Through Log Files vulnerability in IBM Bigfix Platform IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores potentially sensitive information in log files that could be available to a local user. | 3.3 |
| 2017-02-01 | CVE-2016-0265 | Cross-site Scripting vulnerability in IBM Campaign IBM Campaign is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. | 5.4 |
| 2017-01-06 | CVE-2016-9879 | Channel and Path Errors vulnerability in multiple products An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1. | 7.5 |