Search Results (8213 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-1153 1 Ibm 1 Tririga Application Platform 2025-04-20 N/A
IBM TRIRIGA Report Manager 3.2 through 3.5 contains a vulnerability that could allow an authenticated user to execute actions that they do not have access to. IBM Reference #: 1999563.
CVE-2017-1154 1 Ibm 1 Algo One 2025-04-20 N/A
IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could allow a user to gain access to files in the local environment which should not be viewed by application users. IBM Reference #: 1999892.
CVE-2017-1324 1 Ibm 1 Rational Engineering Lifecycle Manager 2025-04-20 N/A
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125975.
CVE-2017-1583 1 Ibm 1 Liberty 2025-04-20 N/A
IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.13)could allow a remote attacker to obtain sensitive information caused by improper error handling by MyFaces in JSF.
CVE-2017-1155 1 Ibm 1 Algo One 2025-04-20 N/A
IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could allow a user to gain access to another user's reports using a specially crafted HTTP request. IBM Reference #: 1999754.
CVE-2016-8924 1 Ibm 1 Maximo Asset Management 2025-04-20 N/A
IBM Maximo Asset Management 7.1, 7.5 and 7.6 could allow a remote attacker to hijack a user's session, caused by the failure to invalidate an existing session identifier. An attacker could exploit this vulnerability to gain access to another user's session. IBM X-Force ID: 118537.
CVE-2017-1327 1 Ibm 1 Inotes 2025-04-20 N/A
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126062.
CVE-2017-1332 1 Ibm 1 Inotes 2025-04-20 N/A
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126234.
CVE-2017-1311 1 Ibm 1 Insights Foundation For Energy 2025-04-20 N/A
IBM Insights Foundation for Energy 2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 125719.
CVE-2017-1162 1 Ibm 1 Qradar Security Information And Event Manager 2025-04-20 N/A
IBM QRadar 7.2 and 7.3 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 122957.
CVE-2017-1309 1 Ibm 1 Infosphere Master Data Management Server 2025-04-20 N/A
IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 125463.
CVE-2017-1170 1 Ibm 1 Websphere Commerce 2025-04-20 N/A
IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 8.0 could allow a local user to hijack a user's session. IBM X-Force ID: 123230.
CVE-2017-1318 1 Ibm 1 Mq Appliance 2025-04-20 N/A
IBM MQ Appliance 8.0 and 9.0 could allow an authenticated messaging administrator to execute arbitrary commands on the system, caused by command execution. IBM X-Force ID: 125730.
CVE-2016-8922 1 Ibm 2 Web Content Manager Production Analytics, Websphere Portal 2025-04-20 N/A
Exphox WebRadar is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2017-1319 1 Ibm 1 Tivoli Federated Identity Manager 2025-04-20 N/A
IBM Tivoli Federated Identity Manager 6.2 is affected by a vulnerability due to a missing secure attribute in encrypted session (SSL) cookie. IBM X-Force ID: 125731.
CVE-2017-1179 1 Ibm 1 Bigfix Security Compliance Analytics 2025-04-20 N/A
IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123431.
CVE-2017-1335 1 Ibm 1 Rational Engineering Lifecycle Manager 2025-04-20 N/A
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126243.
CVE-2017-1180 1 Ibm 1 Tririga Application Platform 2025-04-20 N/A
The IBM TRIRIGA Document Manager contains a vulnerability that could allow an authenticated user to execute actions they did not have access to. IBM Reference #: 2001084.
CVE-2017-1181 1 Ibm 1 Tivoli Monitoring 2025-04-20 N/A
IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID: 123487.
CVE-2016-8918 1 Ibm 1 Integration Bus 2025-04-20 N/A
IBM Integration Bus, under non default configurations, could allow a remote user to authenticate without providing valid credentials.