Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-06-13 CVE-2017-1100 Cross-site Scripting vulnerability in IBM Rational Quality Manager
IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-06-13 CVE-2017-1099 Information Exposure vulnerability in IBM products
IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions.
network
low complexity
ibm CWE-200
4.3
2017-06-13 CVE-2016-9973 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-06-12 CVE-2017-1278 Cross-site Scripting vulnerability in IBM products
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection.
network
low complexity
ibm CWE-79
5.4
2017-06-12 CVE-2017-1276 Cross-site Scripting vulnerability in IBM products
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-06-12 CVE-2017-1247 Cross-site Scripting vulnerability in IBM products
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-06-12 CVE-2017-1214 Information Exposure vulnerability in IBM Inotes
IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure.
network
low complexity
ibm CWE-200
5.7
2017-06-08 CVE-2017-1179 Inadequate Encryption Strength vulnerability in IBM Bigfix Security Compliance Analytics 1.9.70
IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
high complexity
ibm CWE-326
5.9
2017-06-08 CVE-2017-1140 Cross-site Scripting vulnerability in IBM Business Process Manager
IBM Business Process Manager 8.0 and 8.5 are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-06-08 CVE-2016-9736 Information Exposure vulnerability in IBM Websphere Application Server 8.0/8.5/9.0
IBM WebSphere Application Server using malformed SOAP requests could allow a remote attacker to obtain sensitive information.
network
low complexity
ibm CWE-200
5.3