Vulnerabilities > IBM > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-02-02 | CVE-2016-6116 | Information Exposure vulnerability in IBM Security KEY Lifecycle Manager IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
2017-02-02 | CVE-2016-6099 | Information Exposure vulnerability in IBM Security KEY Lifecycle Manager IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 discloses sensitive information to unauthorized users. | 5.3 |
2017-02-02 | CVE-2016-5935 | Information Exposure vulnerability in IBM Dashboard Application Services HUB 3.1.3 IBM Jazz for Service Management could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. | 5.9 |
2017-02-01 | CVE-2016-9704 | Cross-site Scripting vulnerability in IBM Security Identity Manager Virtual Appliance IBM Security Identity Manager Virtual Appliance is vulnerable to cross-site scripting. | 6.1 |
2017-02-01 | CVE-2016-9000 | Cross-site Scripting vulnerability in IBM products IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. | 6.1 |
2017-02-01 | CVE-2016-8999 | Cross-site Scripting vulnerability in IBM products IBM InfoSphere Information Server contains a Path-relative stylesheet import vulnerability that allows attackers to render a page in quirks mode thereby facilitating an attacker to inject malicious CSS. | 5.4 |
2017-02-01 | CVE-2016-8982 | Information Exposure vulnerability in IBM Infosphere Datastage 11.3/8.7/9.1 IBM InfoSphere Information Server stores sensitive information in URL parameters. | 5.3 |
2017-02-01 | CVE-2016-8977 | Information Exposure vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. | 5.3 |
2017-02-01 | CVE-2016-8963 | Information Exposure vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user. | 5.5 |
2017-02-01 | CVE-2016-8933 | Path Traversal vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. | 6.5 |