Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-29 | CVE-2016-2972 | Credentials Management vulnerability in IBM Sametime IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of the Sametime Meetings user in the local cache of their browser which could be accessed by a local user. | 7.8 |
| 2017-08-28 | CVE-2015-0114 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM I Access for Windows 5.4/6.1/7.1 Stack-based buffer overflow in IBM V5R4, and IBM i Access for Windows 6.1 and 7.1. | 7.8 |
| 2017-08-28 | CVE-2014-8900 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Urbancode Deploy Cross-site request forgery (CSRF) vulnerability in IBM UrbanCode Release 6.0.1.6 and earlier, 6.1.0.7 and earlier, and 6.1.1.1 and earlier. | 8.8 |
| 2017-08-14 | CVE-2017-1469 | Code Injection vulnerability in IBM Infosphere Information Server 11.3/11.5/9.1 IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories. | 7.8 |
| 2017-08-10 | CVE-2017-1192 | XXE vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 8.2 |
| 2017-08-10 | CVE-2017-1174 | SQL Injection vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. | 8.8 |
| 2017-08-09 | CVE-2017-3752 | Improper Input Validation vulnerability in multiple products An industry-wide vulnerability has been identified in the implementation of the Open Shortest Path First (OSPF) routing protocol used on some Lenovo switches. | 8.2 |
| 2017-08-02 | CVE-2014-8903 | Command Injection vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5iFix10 and 6.0.5 before 6.0.5.6 allows remote authenticated users to load arbitrary Java classes via unspecified vectors. | 8.8 |
| 2017-08-02 | CVE-2017-1468 | Unspecified vulnerability in IBM Infosphere Information Server 11.3/11.5/9.1 IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories. | 7.8 |
| 2017-08-02 | CVE-2017-1467 | Unspecified vulnerability in IBM Infosphere Information Server 11.3/11.5/9.1 A network layer security vulnerability in InfoSphere Information Server 9.1, 11.3, and 11.5 can lead to privilege escalation or unauthorized access. | 8.1 |