Skip to main content
CVE-2016-0216 CRITICAL Act Now

Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Denial Of Service Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 3.0
9.8
EPSS
3.2%
CVE-2016-0213 CRITICAL Act Now

Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Denial Of Service Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 3.0
9.8
EPSS
3.2%
CVE-2016-0212 CRITICAL Act Now

Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Denial Of Service Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 3.0
9.8
EPSS
3.2%
CVE-2015-7428 HIGH This Week

Open redirect vulnerability in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF09 allows remote attackers to redirect users to arbitrary web sites and conduct phishing. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Open Redirect Websphere Portal
NVD
CVSS 3.0
7.4
EPSS
0.2%
CVE-2015-8524 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Process Portal in IBM Business Process Manager 8.5.0.x through 8.5.0.2, 8.5.5.x through 8.5.5.0, and 8.5.6.x through 8.5.6.2 allows remote attackers to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM XSS Business Process Manager
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2016-0243 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF20, and 8.5.x before. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM XSS Websphere Portal
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2016-0244 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF20, and 8.5.x before. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM XSS Websphere Portal
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2015-7457 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF09 allows remote attackers to inject arbitrary web script or HTML via a crafted. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM XSS Websphere Portal
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-0245 MEDIUM PATCH This Month

The XML parser in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF10 allows remote authenticated users to read arbitrary files or cause a denial of service via an external. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

IBM Denial Of Service XXE Websphere Portal
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2015-7491 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF09 allows remote authenticated users to inject arbitrary web script or HTML via a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Websphere Portal
NVD
CVSS 3.0
5.4
EPSS
0.1%
CVE-2016-0225 MEDIUM This Month

IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.9 allows remote authenticated Commerce Accelerator administrators to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Websphere Commerce
NVD
CVSS 3.0
4.9
EPSS
0.2%
CVE-2015-7455 LOW Monitor

IBM WebSphere Portal 7.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF20, and 8.5.x before 8.5.0.0 CF09 uses weak permissions for content items, which allows remote authenticated users to make. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

IBM Privilege Escalation Websphere Portal
NVD
CVSS 3.0
3.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy