Vulnerabilities > IBM > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-29 | CVE-2010-0780 | Resource Management Errors vulnerability in IBM Websphere MQ IBM WebSphere MQ 7.x before 7.0.1.4 allows remote attackers to cause a denial of service (disk consumption) via multiple connection attempts to a stopped queue manager. | 4.3 |
2011-10-28 | CVE-2011-1371 | Cross-Site Scripting vulnerability in IBM Websphere Ilog Rule Team Server 7.1.1 Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM WebSphere ILOG Rule Team Server 7.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger an Unknown Error document, a different vulnerability than CVE-2011-4171. | 4.3 |
2011-10-28 | CVE-2011-1360 | Cross-Site Scripting vulnerability in IBM Http Server Multiple cross-site scripting (XSS) vulnerabilities in IBM HTTP Server 2.0.47 and earlier, as used in WebSphere Application Server and other products, allow remote attackers to inject arbitrary web script or HTML via vectors involving unspecified documentation files in (1) manual/ibm/ and (2) htdocs/*/manual/ibm/. | 4.3 |
2011-10-24 | CVE-2011-4171 | Cross-Site Scripting vulnerability in IBM Websphere Ilog Rule Team Server 7.1.1 Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM WebSphere ILOG Rule Team Server 7.1.1 allows remote attackers to inject arbitrary web script or HTML via the project parameter to teamserver/faces/home.jsp. | 4.3 |
2011-10-18 | CVE-2011-4061 | Unspecified vulnerability in IBM DB2 and Tivoli Monitoring for Databases Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli Monitoring for Databases: DB2 Agent, allow local users to gain privileges via a Trojan horse libkbb.so in the current working directory, related to the DT_RPATH ELF header. | 6.9 |
2011-09-19 | CVE-2011-3576 | Cross-Site Scripting vulnerability in IBM Lotus Domino 8.5.2 Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 8.5.2 allows remote attackers to inject arbitrary web script or HTML via the PanelIcon parameter in an fmpgPanelHeader ReadForm action to WebAdmin.nsf. | 4.3 |
2011-09-08 | CVE-2011-3391 | Permissions, Privileges, and Access Controls vulnerability in IBM Rational Build Forge 7.1.2 IBM Rational Build Forge 7.1.2 relies on client-side JavaScript code to enforce the EditSecurity permission requirement for the Export Key File function, which allows remote authenticated users to read a key file by removing a disable attribute in the Security sub-menu. | 4.0 |
2011-09-06 | CVE-2011-3390 | Cross-Site Scripting vulnerability in IBM Openadmin Tool Multiple cross-site scripting (XSS) vulnerabilities in index.php in IBM OpenAdmin Tool (OAT) before 2.72 for Informix allow remote attackers to inject arbitrary web script or HTML via the (1) informixserver, (2) host, or (3) port parameter in a login action. | 4.3 |
2011-09-06 | CVE-2011-1359 | Path Traversal vulnerability in IBM Websphere Application Server Directory traversal vulnerability in the administration console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41, 7.0 before 7.0.0.19, and 8.0 before 8.0.0.1 allows remote attackers to read arbitrary files via a .. | 5.0 |
2011-09-02 | CVE-2011-3387 | Improper Input Validation vulnerability in IBM Java 1.4.2.13.9 The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote authenticated users to cause a denial of service (memory consumption or an infinite loop) via a crafted attribute length field in a class file, related to validation of a length field at the wrong time, a different vulnerability than CVE-2011-0311. | 4.0 |