Skip to main content
CVE-2016-0326 HIGH PATCH This Week

IBM Rational Quality Manager (RQM) and Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.x before 4.0.7 iFix11, 5.x before 5.0.2 iFix17, and 6.x before 6.0.1 ifix3 allow remote. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

IBM Command Injection Rational Collaborative Lifecycle Management Rational Quality Manager
NVD
CVSS 3.0
8.8
EPSS
0.9%
CVE-2016-0239 HIGH PATCH This Week

IBM Security Guardium Database Activity Monitor 9.x through 9.5 before p700 and 10.x through 10.0.1 before p100 allows remote authenticated users to make HTTP requests with administrator privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

IBM Privilege Escalation Security Guardium Database Activity Monitor
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2016-0241 HIGH PATCH This Week

IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to spoof administrator accounts by. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

IBM Authentication Bypass Security Guardium Database Activity Monitor
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2016-0328 HIGH PATCH This Week

IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows local users to obtain administrator privileges for command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

IBM Command Injection Security Guardium Database Activity Monitor
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-0247 HIGH PATCH This Week

IBM Security Guardium 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows local users to obtain sensitive cleartext information via unspecified vectors, as. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Security Guardium
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-0246 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in IBM Security Guardium 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote attackers to inject arbitrary web. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM XSS Security Guardium
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-0377 MEDIUM PATCH This Month

The Administrative Console in IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before 8.0.0.13, and 8.5.x before 8.5.5.10 mishandles CSRFtoken cookies, which allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Websphere Application Server
NVD
CVSS 3.0
4.3
EPSS
0.2%
CVE-2016-0242 MEDIUM PATCH This Month

IBM Security Guardium 10.x through 10.1 before p100 allows remote authenticated users to obtain sensitive information by reading an Application Error message. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Security Guardium
NVD
CVSS 3.0
4.3
EPSS
0.2%
CVE-2016-0240 LOW PATCH Monitor

IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 does not enable the HSTS protection mechanism, which makes it easier. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

IBM Information Disclosure Security Guardium Database Activity Monitor
NVD
CVSS 3.0
3.7
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy