Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-08-29 CVE-2016-2980 Injection vulnerability in IBM Sametime
The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site can inject their own script by exploiting a vulnerability in the way that the WebPlayer works.
network
low complexity
ibm CWE-74
6.3
6.3
2017-08-29 CVE-2016-2976 Information Exposure vulnerability in IBM Sametime
IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting invitee to obtain previously cleared sensitive information by viewing the meeting report history.
network
low complexity
ibm CWE-200
4.3
4.3
2017-08-29 CVE-2016-2975 Cross-site Scripting vulnerability in IBM Sametime
IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-08-29 CVE-2016-2967 Cross-site Scripting vulnerability in IBM Sametime
IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-08-29 CVE-2016-2966 Information Exposure vulnerability in IBM Sametime
IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to enumerate meeting rooms by guessing the meeting room id.
network
low complexity
ibm CWE-200
4.3
4.3
2017-08-29 CVE-2016-2964 Information Exposure vulnerability in IBM Sametime
IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error message to a user that is too detailed and may reveal details about the application.
network
low complexity
ibm CWE-200
5.3
5.3
2017-08-29 CVE-2016-0358 Information Exposure vulnerability in IBM Sametime
IBM Sametime 8.5.2 and 9.0 could allow an unauthorized authenticated user to enumerate group chat ID numbers and join meetings that he was not invited to.
network
low complexity
ibm CWE-200
4.3
4.3
2017-08-29 CVE-2017-3155 Cross-site Scripting vulnerability in Apache Atlas 0.6.0/0.7.0
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting.
network
low complexity
apache CWE-79
6.1
6.1
2017-08-29 CVE-2017-3153 Cross-site Scripting vulnerability in Apache Atlas 0.6.0/0.7.0
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality.
network
low complexity
apache CWE-79
6.1
6.1
2017-08-29 CVE-2017-3152 Cross-site Scripting vulnerability in Apache Atlas 0.6.0/0.7.0
Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to DOM XSS in the edit-tag functionality.
network
low complexity
apache CWE-79
6.1
6.1