Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-01 | CVE-2016-6115 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM General Parallel File System and Spectrum Scale IBM General Parallel File System is vulnerable to a buffer overflow. | 7.2 |
| 2017-02-01 | CVE-2016-6110 | Credentials Management vulnerability in IBM Tivoli Storage Manager IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user. | 6.5 |
| 2017-02-01 | CVE-2016-6068 | Information Exposure vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy could allow an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties. | 7.5 |
| 2017-02-01 | CVE-2016-6001 | Server-Side Request Forgery (SSRF) vulnerability in IBM Forms Experience Builder 8.5/8.5.1/8.6.0 IBM Forms Experience Builder could be susceptible to a server-side request forgery (SSRF) from the application design interface allowing for some information disclosure of internal resources. | 3.1 |
| 2017-02-01 | CVE-2016-5953 | Information Exposure vulnerability in IBM Sterling Selling and Fulfillment Foundation IBM Sterling Order Management transmits the session identifier within the URL. | 3.7 |
| 2017-02-01 | CVE-2016-5942 | Cross-site Scripting vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. | 5.4 |
| 2017-02-01 | CVE-2016-5941 | Path Traversal vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. | 5.7 |
| 2017-02-01 | CVE-2016-5940 | Cross-site Scripting vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. | 5.4 |
| 2017-02-01 | CVE-2016-5938 | Information Exposure vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2017-02-01 | CVE-2016-5881 | Cross-site Scripting vulnerability in IBM Inotes IBM iNotes is vulnerable to cross-site scripting. | 6.1 |