Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-12 | CVE-2017-1247 | Cross-site Scripting vulnerability in IBM products IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. | 3.5 |
| 2017-06-12 | CVE-2017-1276 | Cross-site Scripting vulnerability in IBM products IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. | 3.5 |
| 2017-06-12 | CVE-2017-1278 | Cross-site Scripting vulnerability in IBM products IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection. | 3.5 |
| 2017-06-08 | CVE-2017-1140 | Cross-site Scripting vulnerability in IBM Business Process Manager IBM Business Process Manager 8.0 and 8.5 are vulnerable to cross-site scripting. | 3.5 |
| 2017-06-07 | CVE-2016-5960 | Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.0.2/2.1 IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores user credentials in plain in clear text which can be read by a local user. | 2.1 |
| 2017-06-07 | CVE-2016-6089 | Improper Access Control vulnerability in IBM Websphere MQ 9.0.0.0/9.0.1 IBM WebSphere MQ 9.0.0.1 and 9.0.2 could allow a local user to write to a file or delete files in a directory they should not have access to due to improper access controls. | 3.6 |
| 2017-06-07 | CVE-2016-8939 | Information Exposure vulnerability in IBM Tivoli Storage Manager IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) clients/agents store password information in the Windows Registry in a manner which can be compromised. | 2.1 |
| 2017-06-07 | CVE-2017-1125 | Information Exposure vulnerability in IBM Cognos Business Intelligence Server IBM Cognos Analytics 10.1 and 10.2 could allow a local user to craft a URL which could confirm the existence of and expose postial contents of a file. | 2.1 |
| 2017-06-07 | CVE-2017-1305 | Cross-site Scripting vulnerability in IBM Rational Doors Next Generation 6.0.2/6.0.3 IBM DOORS Next Generation (DNG/RRC) 6.0.2 and 6.0.3 is vulnerable to cross-site scripting. | 3.5 |
| 2017-05-26 | CVE-2017-1291 | Cross-site Scripting vulnerability in IBM products IBM Maximo Asset Management 7.5 and 7.6 is vulnerable to HTTP response splitting attacks. | 3.5 |