Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2018-08-30 CVE-2016-0234 Insufficient Session Expiration vulnerability in IBM Openpages GRC Platform
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow a local user to obtain sensitive information when a previous user has logged out of the system but neglected to close their browser.
local
low complexity
ibm CWE-613
2.1
2.1
2018-08-22 CVE-2018-1599 Improper Input Validation vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker to hijack the clicking action of the victim.
network
ibm CWE-20
3.5
3.5
2018-08-20 CVE-2017-1753 Code Injection vulnerability in IBM products
Multiple IBM Rational products are vulnerable to HTML injection.
network
ibm CWE-94
3.5
3.5
2018-08-20 CVE-2018-1394 Cross-site Scripting vulnerability in IBM products
Multiple IBM Rational products are vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2018-08-16 CVE-2018-1715 Cross-site Scripting vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2018-08-07 CVE-2018-1690 Cross-site Scripting vulnerability in IBM Rhapsody Model Manager 6.0.6
IBM Rhapsody Model Manager 6.0.6 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2018-08-06 CVE-2018-1422 Cross-site Scripting vulnerability in IBM Rational Doors Next Generation
IBM Jazz Foundation products (IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.5) are vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2018-08-02 CVE-2018-1554 Cross-site Scripting vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2018-07-23 CVE-2018-1513 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2.0 through 5.2.6 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2018-07-20 CVE-2017-1544 Information Exposure vulnerability in IBM Sterling File Gateway 2.2.0.0
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) caches usernames and passwords in browsers that could be used by a local attacker to obtain sensitive information.
local
low complexity
ibm CWE-200
2.1
2.1