Unspecified vulnerability in the web interface on the IBM TS3500 Tape Library with firmware before C260 allows remote authenticated users to gain privileges via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Open redirect vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.
Cross-site scripting (XSS) vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.