Vulnerabilities > IBM > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-02-02 | CVE-2016-5935 | Information Exposure vulnerability in IBM Dashboard Application Services HUB 3.1.3 IBM Jazz for Service Management could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. | 4.3 |
2017-02-01 | CVE-2016-9704 | Cross-site Scripting vulnerability in IBM Security Identity Manager Virtual Appliance IBM Security Identity Manager Virtual Appliance is vulnerable to cross-site scripting. | 4.3 |
2017-02-01 | CVE-2016-9008 | Improper Access Control vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy could allow a malicious user to access the Agent Relay ActiveMQ Broker JMX interface and run plugins on the agent. | 5.0 |
2017-02-01 | CVE-2016-9000 | Cross-site Scripting vulnerability in IBM products IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. | 4.3 |
2017-02-01 | CVE-2016-8982 | Information Exposure vulnerability in IBM Infosphere Datastage 11.3/8.7/9.1 IBM InfoSphere Information Server stores sensitive information in URL parameters. | 5.0 |
2017-02-01 | CVE-2016-8977 | Information Exposure vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. | 5.0 |
2017-02-01 | CVE-2016-8933 | Path Traversal vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. | 4.0 |
2017-02-01 | CVE-2016-8932 | Improper Access Control vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. | 6.5 |
2017-02-01 | CVE-2016-8931 | Improper Access Control vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. | 6.5 |
2017-02-01 | CVE-2016-8930 | SQL Injection vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud is vulnerable to SQL injection. | 6.5 |