Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-29 | CVE-2017-1428 | Improper Input Validation vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.0 could allow a remote attacker to hijack the clicking action of the victim. | 5.8 |
| 2017-08-29 | CVE-2017-1427 | Cross-site Scripting vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. | 4.3 |
| 2017-08-29 | CVE-2017-1195 | Open Redirect vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.8 |
| 2017-08-29 | CVE-2016-2980 | Injection vulnerability in IBM Sametime The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site can inject their own script by exploiting a vulnerability in the way that the WebPlayer works. | 6.8 |
| 2017-08-29 | CVE-2016-2976 | Information Exposure vulnerability in IBM Sametime IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting invitee to obtain previously cleared sensitive information by viewing the meeting report history. | 4.0 |
| 2017-08-29 | CVE-2016-2966 | Information Exposure vulnerability in IBM Sametime IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to enumerate meeting rooms by guessing the meeting room id. | 4.0 |
| 2017-08-29 | CVE-2016-2964 | Information Exposure vulnerability in IBM Sametime IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error message to a user that is too detailed and may reveal details about the application. | 5.0 |
| 2017-08-29 | CVE-2016-0358 | Information Exposure vulnerability in IBM Sametime IBM Sametime 8.5.2 and 9.0 could allow an unauthorized authenticated user to enumerate group chat ID numbers and join meetings that he was not invited to. | 4.0 |
| 2017-08-29 | CVE-2016-2977 | Improper Input Validation vulnerability in IBM Sametime IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a malicious user to lower other users hands in the meeting. | 4.0 |
| 2017-08-29 | CVE-2016-2971 | Information Exposure vulnerability in IBM Sametime IBM Sametime Media Services 8.5.2 and 9.0 can disclose sensitive information in stack trace error logs that could aid an attacker in future attacks. | 5.0 |