Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-08-29 CVE-2017-1485 Cross-site Scripting vulnerability in IBM Cognos Analytics
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-08-29 CVE-2017-1428 Improper Input Validation vulnerability in IBM Cognos Analytics
IBM Cognos Analytics 11.0 could allow a remote attacker to hijack the clicking action of the victim.
network
low complexity
ibm CWE-20
6.1
2017-08-29 CVE-2017-1427 Cross-site Scripting vulnerability in IBM Cognos Analytics
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
2017-08-29 CVE-2017-1195 Open Redirect vulnerability in IBM Curam Social Program Management
IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
6.1
2017-08-29 CVE-2016-2980 Injection vulnerability in IBM Sametime
The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site can inject their own script by exploiting a vulnerability in the way that the WebPlayer works.
network
low complexity
ibm CWE-74
6.3
2017-08-29 CVE-2016-2976 Information Exposure vulnerability in IBM Sametime
IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting invitee to obtain previously cleared sensitive information by viewing the meeting report history.
network
low complexity
ibm CWE-200
4.3
2017-08-29 CVE-2016-2975 Cross-site Scripting vulnerability in IBM Sametime
IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-08-29 CVE-2016-2967 Cross-site Scripting vulnerability in IBM Sametime
IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-08-29 CVE-2016-2966 Information Exposure vulnerability in IBM Sametime
IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to enumerate meeting rooms by guessing the meeting room id.
network
low complexity
ibm CWE-200
4.3
2017-08-29 CVE-2016-2964 Information Exposure vulnerability in IBM Sametime
IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error message to a user that is too detailed and may reveal details about the application.
network
low complexity
ibm CWE-200
5.3