Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-02-23 CVE-2016-6055 Cross-site Scripting vulnerability in IBM products
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-02-23 CVE-2016-5883 Cross-site Scripting vulnerability in IBM Inotes
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
2017-02-22 CVE-2016-8986 Improper Access Control vulnerability in IBM Websphere MQ
IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests.
network
low complexity
ibm CWE-284
6.5
2017-02-22 CVE-2016-8915 Improper Access Control vulnerability in IBM Websphere MQ
IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process.
network
low complexity
ibm CWE-284
6.5
2017-02-22 CVE-2016-3052 Information Exposure vulnerability in IBM Websphere MQ
Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network.
network
high complexity
ibm CWE-200
5.9
2017-02-22 CVE-2016-3013 Data Processing Errors vulnerability in IBM Websphere MQ
IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling.
network
low complexity
ibm CWE-19
6.5
2017-02-16 CVE-2016-6062 Cross-site Scripting vulnerability in IBM Resilient 26.0/26.1/26.2
IBM Resilient v26.0, v26.1, and v26.2 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
2017-02-15 CVE-2016-9010 7PK - Security Features vulnerability in IBM Integration BUS and Websphere Message Broker
IBM WebSphere Message Broker 9.0 and 10.0 could allow a remote attacker to hijack the clicking action of the victim.
network
low complexity
ibm CWE-254
6.1
2017-02-15 CVE-2016-8968 Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management 6.0.0/6.0.1/6.0.2
IBM Jazz Foundation is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-02-15 CVE-2016-8944 Improper Input Validation vulnerability in IBM AIX 7.1/7.2
IBM AIX 7.1 and 7.2 allows a local user to open a file with a specially crafted argument that would crash the system.
local
low complexity
ibm CWE-20
5.5