Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-07 | CVE-2016-5960 | Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.0.2/2.1 IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores user credentials in plain in clear text which can be read by a local user. | 5.5 |
| 2017-06-07 | CVE-2016-5959 | Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.0.2/2.1 IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores sensitive information in URL parameters. | 5.3 |
| 2017-06-07 | CVE-2016-3051 | Permissions, Privileges, and Access Controls vulnerability in IBM Security Access Manager 9.0 Firmware IBM Security Access Manager for Web 9.0.0 could allow an authenticated user to access some privileged functionality of the server. | 4.3 |
| 2017-06-07 | CVE-2016-3019 | Inadequate Encryption Strength vulnerability in IBM Security Access Manager 9.0 Firmware IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 6.5 |
| 2017-06-07 | CVE-2016-0254 | XXE vulnerability in IBM Cognos Business Intelligence IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. | 6.5 |
| 2017-06-07 | CVE-2017-9501 | Reachable Assertion vulnerability in Imagemagick 7.0.57 In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
| 2017-06-07 | CVE-2017-9500 | Reachable Assertion vulnerability in Imagemagick 7.0.58 In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
| 2017-06-07 | CVE-2017-9499 | Reachable Assertion vulnerability in Imagemagick 7.0.57 In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
| 2017-06-07 | CVE-2015-8326 | Link Following vulnerability in Iptables-Parse Project Iptables-Parse Module The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user. | 5.5 |
| 2017-06-07 | CVE-2015-7514 | Information Exposure vulnerability in Openstack Ironic 4.2.0/4.2.1 OpenStack Ironic 4.2.0 through 4.2.1 does not "clean" the disk after use, which allows remote authenticated users to obtain sensitive information. | 6.5 |