Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-07-05 CVE-2017-1113 Cross-site Scripting vulnerability in IBM Rational Team Concert
IBM Rational Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-07-05 CVE-2016-9746 Cross-site Scripting vulnerability in IBM products
IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-07-05 CVE-2016-9733 Cross-site Scripting vulnerability in IBM products
IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-07-05 CVE-2016-9701 Cross-site Scripting vulnerability in IBM products
IBM Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-07-05 CVE-2017-1258 Improper Authentication vulnerability in IBM Security Guardium
IBM Security Guardium 10.0 and 10.1 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas.
network
low complexity
ibm CWE-287
6.5
2017-07-05 CVE-2017-1256 Cross-site Scripting vulnerability in IBM Security Guardium 10.0/10.1
IBM Security Guardium 10.0, 10.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
2017-07-05 CVE-2017-1217 Cross-site Scripting vulnerability in IBM Websphere Portal 8.5/9.0
IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
2017-06-29 CVE-2017-1310 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Informix Dynamic Server 12.10
IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow that would write large assertion fail files to the server.
network
low complexity
ibm CWE-119
6.5
2017-06-28 CVE-2017-1106 Cross-site Scripting vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-06-27 CVE-2017-1328 Unspecified vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 - 5.0.6.0 could allow a remote attacker to bypass security restrictions of the api, caused by improper handling of security policy.
network
low complexity
ibm
5.3