Vulnerabilities > IBM

DATE CVE VULNERABILITY TITLE RISK
2017-02-01 CVE-2016-8977 Information Exposure vulnerability in IBM Bigfix Inventory and License Metric Tool
IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests.
network
low complexity
ibm CWE-200
5.3
5.3
2017-02-01 CVE-2016-8963 Information Exposure vulnerability in IBM Bigfix Inventory and License Metric Tool
IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user.
local
low complexity
ibm CWE-200
5.5
5.5
2017-02-01 CVE-2016-8938 Improper Access Control vulnerability in IBM Urbancode Deploy
IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server.
network
low complexity
ibm CWE-284
critical
 10.0
10
2017-02-01 CVE-2016-8933 Path Traversal vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
6.5
6.5
2017-02-01 CVE-2016-8932 Improper Access Control vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
network
low complexity
ibm CWE-284
8.8
8.8
2017-02-01 CVE-2016-8931 Improper Access Control vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
network
low complexity
ibm CWE-284
8.8
8.8
2017-02-01 CVE-2016-8930 SQL Injection vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
7.6
7.6
2017-02-01 CVE-2016-8929 SQL Injection vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
5.4
5.4
2017-02-01 CVE-2016-8928 SQL Injection vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
7.6
7.6
2017-02-01 CVE-2016-8919 Resource Management Errors vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server may be vulnerable to a denial of service, caused by allowing serialized objects from untrusted sources to run and cause the consumption of resources.
network
low complexity
ibm CWE-399
7.5
7.5