Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-15 | CVE-2016-9010 | 7PK - Security Features vulnerability in IBM Integration BUS and Websphere Message Broker IBM WebSphere Message Broker 9.0 and 10.0 could allow a remote attacker to hijack the clicking action of the victim. | 6.1 |
| 2017-02-15 | CVE-2016-8968 | Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management 6.0.0/6.0.1/6.0.2 IBM Jazz Foundation is vulnerable to cross-site scripting. | 5.4 |
| 2017-02-15 | CVE-2016-8944 | Improper Input Validation vulnerability in IBM AIX 7.1/7.2 IBM AIX 7.1 and 7.2 allows a local user to open a file with a specially crafted argument that would crash the system. | 5.5 |
| 2017-02-15 | CVE-2016-6077 | Improper Access Control vulnerability in IBM Cognos Disclosure Management IBM Cognos Disclosure Management 10.2 could allow a malicious attacker to execute commands as a lower privileged user that opens a malicious document. | 5.3 |
| 2017-02-15 | CVE-2016-6060 | Information Exposure vulnerability in IBM products An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. | 4.3 |
| 2017-02-13 | CVE-2017-1121 | Cross-site Scripting vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, and 9.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-02-08 | CVE-2016-5918 | Information Exposure vulnerability in IBM Tivoli Storage Manager for Space Management IBM Tivoli Storage Manager HSM for Windows displays the encrypted Tivoli Storage Manager password in application trace output if the password access option is prompt and the password is changed. | 4.7 |
| 2017-02-08 | CVE-2016-5902 | Cross-site Scripting vulnerability in IBM products IBM Maximo Asset Management is vulnerable to cross-site scripting. | 6.1 |
| 2017-02-08 | CVE-2016-5900 | Information Exposure vulnerability in IBM Tealeaf Customer Experience on Cloud Network Capture Add-On 16.1.01 IBM Tealeaf Customer Experience on Cloud Network Capture Add-On could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the TLS certificate. | 5.9 |
| 2017-02-08 | CVE-2016-0310 | Cross-site Scripting vulnerability in IBM Connections IBM Connections 5.5 and earlier is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain. | 5.4 |