Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-23 | CVE-2016-5883 | Cross-site Scripting vulnerability in IBM Inotes IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. | 4.3 |
| 2017-02-22 | CVE-2016-8986 | Improper Access Control vulnerability in IBM Websphere MQ IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. | 4.0 |
| 2017-02-22 | CVE-2016-8915 | Improper Access Control vulnerability in IBM Websphere MQ IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. | 4.0 |
| 2017-02-22 | CVE-2016-3052 | Information Exposure vulnerability in IBM Websphere MQ Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. | 4.3 |
| 2017-02-22 | CVE-2016-3013 | Data Processing Errors vulnerability in IBM Websphere MQ IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. | 4.0 |
| 2017-02-16 | CVE-2016-6062 | Cross-site Scripting vulnerability in IBM Resilient 26.0/26.1/26.2 IBM Resilient v26.0, v26.1, and v26.2 is vulnerable to cross-site scripting. | 4.3 |
| 2017-02-16 | CVE-2016-5919 | Inadequate Encryption Strength vulnerability in IBM products IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
| 2017-02-15 | CVE-2016-9010 | 7PK - Security Features vulnerability in IBM Integration BUS and Websphere Message Broker IBM WebSphere Message Broker 9.0 and 10.0 could allow a remote attacker to hijack the clicking action of the victim. | 4.3 |
| 2017-02-15 | CVE-2016-8944 | Improper Input Validation vulnerability in IBM AIX 7.1/7.2 IBM AIX 7.1 and 7.2 allows a local user to open a file with a specially crafted argument that would crash the system. | 4.9 |
| 2017-02-15 | CVE-2016-6077 | Improper Access Control vulnerability in IBM Cognos Disclosure Management IBM Cognos Disclosure Management 10.2 could allow a malicious attacker to execute commands as a lower privileged user that opens a malicious document. | 6.8 |