Vulnerabilities > IBM > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-04-14 | CVE-2017-1152 | Session Fixation vulnerability in IBM Financial Transaction Manager 3.0.1.0/3.0.2.0 IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with each request, which could allow a user to obtain the ID in further attacks against the system. | 4.3 |
2017-04-14 | CVE-2016-8927 | Cross-site Scripting vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site scripting. | 5.4 |
2017-04-14 | CVE-2016-8926 | Information Exposure vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to read system files or data that is restricted to authorized users. | 4.3 |
2017-04-14 | CVE-2016-8925 | Information Exposure vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system. | 6.5 |
2017-04-11 | CVE-2016-5011 | The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset. | 4.6 |
2017-04-05 | CVE-2017-1180 | Unspecified vulnerability in IBM Tririga Application Platform The IBM TRIRIGA Document Manager contains a vulnerability that could allow an authenticated user to execute actions they did not have access to. | 5.3 |
2017-04-05 | CVE-2016-3031 | Cross-site Scripting vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. | 5.4 |
2017-04-05 | CVE-2016-3015 | Cross-site Scripting vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. | 5.4 |
2017-03-31 | CVE-2017-1171 | Unspecified vulnerability in IBM Tririga Application Platform The IBM TRIRIGA Application Platform 3.3, 3,4, and 3,5 contain a vulnerability that could allow an authenticated user to execute Application actions they do not have access to. | 4.3 |
2017-03-31 | CVE-2017-1154 | Information Exposure vulnerability in IBM Algo ONE 4.9.1/5.0.0/5.1.0 IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could allow a user to gain access to files in the local environment which should not be viewed by application users. | 6.5 |