Vulnerabilities > IBM > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-02-01 | CVE-2016-6117 | Information Exposure vulnerability in IBM Security KEY Lifecycle Manager IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 can be deployed with active debugging code that can disclose sensitive information. | 5.3 |
2017-02-01 | CVE-2016-0371 | Unspecified vulnerability in IBM Tivoli Storage Manager The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled. | 5.5 |
2017-02-01 | CVE-2016-9731 | Cross-site Scripting vulnerability in IBM Business Process Manager 8.5.7.0 IBM Business Process Manager is vulnerable to cross-site scripting. | 5.4 |
2017-02-01 | CVE-2016-8981 | Information Exposure vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 allows web pages to be stored locally which can be read by another user on the system. | 5.5 |
2017-02-01 | CVE-2016-8966 | Information Exposure vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
2017-02-01 | CVE-2016-8961 | Open Redirect vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
2017-02-01 | CVE-2016-8943 | Cross-site Scripting vulnerability in IBM products IBM Tivoli Storage Productivity Center is vulnerable to cross-site scripting. | 5.4 |
2017-02-01 | CVE-2016-8936 | Cross-site Scripting vulnerability in IBM Social Rendering Templates for Digital Data Connector 1.0 IBM Social Rendering Templates for Digital Data Connector is vulnerable to cross-site scripting. | 6.1 |
2017-02-01 | CVE-2016-8934 | Cross-site Scripting vulnerability in IBM Websphere Application Server IBM WebSphere Application Server is vulnerable to cross-site scripting. | 5.4 |
2017-02-01 | CVE-2016-8922 | Cross-site Scripting vulnerability in IBM products Exphox WebRadar is vulnerable to cross-site scripting. | 6.1 |