Skip to main content
CVE-2016-6089 MEDIUM PATCH This Month

IBM WebSphere MQ 9.0.0.1 and 9.0.2 could allow a local user to write to a file or delete files in a directory they should not have access to due to improper access controls. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

IBM Authentication Bypass Websphere Mq
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-1305 MEDIUM PATCH This Month

IBM DOORS Next Generation (DNG/RRC) 6.0.2 and 6.0.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Doors Next Generation
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2015-6959 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Vindula 1.9. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Vindula
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2015-3295 MEDIUM PATCH This Month

markdown-it before 4.1.0 does not block data: URLs. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Markdown It
NVD GitHub
CVSS 3.0
5.3
EPSS
0.6%
CVE-2016-9710 MEDIUM PATCH This Month

IBM Predictive Solutions Foundation (formerly PMQ) could allow a remote attacker to include arbitrary files. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Cognos Business Intelligence Server
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2016-5959 MEDIUM PATCH This Month

IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores sensitive information in URL parameters. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Security Privileged Identity Manager
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2017-4899 MEDIUM PATCH This Month

VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. Rated medium severity (CVSS 4.7). This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow VMware Information Disclosure Workstation Player Workstation Pro
NVD
CVSS 3.0
4.7
EPSS
0.0%
CVE-2016-3051 MEDIUM PATCH This Month

IBM Security Access Manager for Web 9.0.0 could allow an authenticated user to access some privileged functionality of the server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

IBM Privilege Escalation Security Access Manager 9 0 Firmware
NVD
CVSS 3.0
4.3
EPSS
0.2%
CVE-2017-1125 LOW PATCH Monitor

IBM Cognos Analytics 10.1 and 10.2 could allow a local user to craft a URL which could confirm the existence of and expose postial contents of a file. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Cognos Business Intelligence Server
NVD
CVSS 3.0
3.3
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy