Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-13 | CVE-2017-1121 | Cross-site Scripting vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, and 9.0 is vulnerable to cross-site scripting. | 3.5 |
| 2017-02-08 | CVE-2015-1976 | Improper Access Control vulnerability in IBM Security Directory Server and Tivoli Directory Server IBM Security Directory Server could allow an authenticated user to execute commands into the web administration tool that would cause the tool to crash. | 2.1 |
| 2017-02-08 | CVE-2015-7418 | Information Exposure vulnerability in IBM Websphere Extreme Scale IBM WebSphere eXtreme Scale and the WebSphere DataPower XC10 Appliance allow some sensitive data to linger in memory instead of being overwritten which could allow a local user with administrator privileges to obtain sensitive information. | 2.1 |
| 2017-02-08 | CVE-2015-7493 | Information Exposure vulnerability in IBM Infosphere Information Server IBM InfoSphere Information Server could allow a local user under special circumstances to execute commands during installation processes that could expose sensitive information. | 1.9 |
| 2017-02-08 | CVE-2015-7494 | Improper Access Control vulnerability in IBM Cloud Orchestrator and Smartcloud Orchestrator A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. | 1.7 |
| 2017-02-08 | CVE-2016-0202 | Information Exposure vulnerability in IBM Cloud Orchestrator A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. | 2.1 |
| 2017-02-08 | CVE-2016-0203 | Information Exposure vulnerability in IBM Cloud Orchestrator and Smartcloud Orchestrator A vulnerability has been identified in the IBM Cloud Orchestrator task API. | 2.1 |
| 2017-02-08 | CVE-2016-0206 | Improper Input Validation vulnerability in IBM Cloud Orchestrator IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow down for a short period of time by using a specially crafted and malformed URL. | 2.1 |
| 2017-02-08 | CVE-2016-0305 | Cross-site Scripting vulnerability in IBM Connections IBM Connections is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. | 3.5 |
| 2017-02-08 | CVE-2016-0310 | Cross-site Scripting vulnerability in IBM Connections IBM Connections 5.5 and earlier is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain. | 3.5 |