Vulnerabilities > IBM

DATE CVE VULNERABILITY TITLE RISK
2017-02-15 CVE-2016-6077 Improper Access Control vulnerability in IBM Cognos Disclosure Management
IBM Cognos Disclosure Management 10.2 could allow a malicious attacker to execute commands as a lower privileged user that opens a malicious document.
local
low complexity
ibm CWE-284
5.3
2017-02-15 CVE-2016-6060 Information Exposure vulnerability in IBM products
An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names.
network
low complexity
ibm CWE-200
4.3
2017-02-15 CVE-2016-6033 Cross-Site Request Forgery (CSRF) vulnerability in IBM products
IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
2017-02-15 CVE-2016-0360 Deserialization of Untrusted Data vulnerability in IBM WebSphere MQ JMS
IBM WebSphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding vulnerable classes to the classpath.
network
low complexity
ibm CWE-502
critical
9.8
2017-02-13 CVE-2017-1121 Cross-site Scripting vulnerability in IBM WebSphere Application Server
IBM WebSphere Application Server 7.0, 8.0, and 9.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-02-08 CVE-2016-9005 Improper Access Control vulnerability in IBM System Storage TS3100-TS3200 Tape Library D.60
IBM System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to the company network to change a user's password and gain remote access to the system.
network
low complexity
ibm CWE-284
critical
9.8
2017-02-08 CVE-2016-8954 Use of Hard-coded Credentials vulnerability in IBM dashDB Local
IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database.
network
low complexity
ibm CWE-798
critical
9.8
2017-02-08 CVE-2016-5934 Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Storage Manager FastBack
IBM Tivoli Storage Manager FastBack installer could allow a remote attacker to execute arbitrary code on the system.
local
low complexity
ibm CWE-264
7.3
2017-02-08 CVE-2016-5918 Information Exposure vulnerability in IBM Tivoli Storage Manager for Space Management
IBM Tivoli Storage Manager HSM for Windows displays the encrypted Tivoli Storage Manager password in application trace output if the password access option is prompt and the password is changed.
local
high complexity
ibm CWE-200
4.7
2017-02-08 CVE-2016-5902 Cross-site Scripting vulnerability in IBM products
IBM Maximo Asset Management is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1