Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-24 | CVE-2016-6118 | Cross-site Scripting vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-21 | CVE-2017-1374 | Information Exposure vulnerability in IBM Tririga Application Platform Sensitive data can be exposed in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 that can lead to an attacker gaining unauthorized access to the system. | 6.5 |
| 2017-07-21 | CVE-2017-1372 | Cross-site Scripting vulnerability in IBM Tririga Application Platform IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-19 | CVE-2017-1223 | Open Redirect vulnerability in IBM Bigfix Platform IBM Tivoli Endpoint Manager could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2017-07-19 | CVE-2017-1219 | XXE vulnerability in IBM Bigfix Platform IBM Tivoli Endpoint Manager is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 6.5 |
| 2017-07-19 | CVE-2017-1203 | Cross-site Scripting vulnerability in IBM Bigfix Platform IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications is vulnerable to cross-site scripting. | 6.1 |
| 2017-07-19 | CVE-2016-6018 | Information Exposure vulnerability in IBM Emptoris Contract Management IBM Emptoris Contract Management 10.0 and 10.1 reveals detailed error messages in certain features that could cause an attacker to gain additional information to conduct further attacks. | 4.3 |
| 2017-07-13 | CVE-2017-1308 | Files or Directories Accessible to External Parties vulnerability in IBM Daeja Viewone 4.1.5/4.1.5.1/5.0 IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0 could allow an authenticated attacker to download files they should not have access to due to improper access controls. | 6.5 |
| 2017-07-13 | CVE-2016-8952 | Cross-site Scripting vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. | 5.4 |
| 2017-07-13 | CVE-2016-6019 | Cross-site Scripting vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. | 5.4 |