Filtered by vendor Ibm
Subscriptions
Total
8140 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-8954 | 1 Ibm | 1 Dashdb Local | 2025-04-20 | N/A |
| IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database. | ||||
| CVE-2016-6089 | 1 Ibm | 1 Websphere Mq | 2025-04-20 | N/A |
| IBM WebSphere MQ 9.0.0.1 and 9.0.2 could allow a local user to write to a file or delete files in a directory they should not have access to due to improper access controls. IBM X-Force ID: 117926. | ||||
| CVE-2016-6079 | 1 Ibm | 2 Aix, Vios | 2025-04-20 | N/A |
| IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053. | ||||
| CVE-2016-6105 | 1 Ibm | 1 Security Key Lifecycle Manager | 2025-04-20 | N/A |
| IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 do not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. | ||||
| CVE-2016-6047 | 1 Ibm | 1 Jazz Reporting Service | 2025-04-20 | N/A |
| IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2016-6046 | 1 Ibm | 1 Tivoli Storage Manager | 2025-04-20 | N/A |
| IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2016-6054 | 1 Ibm | 1 Jazz Reporting Service | 2025-04-20 | N/A |
| IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2016-6043 | 1 Ibm | 1 Tivoli Storage Manager | 2025-04-20 | N/A |
| Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being enforced. | ||||
| CVE-2016-5934 | 1 Ibm | 1 Tivoli Storage Manager Fastback | 2025-04-20 | N/A |
| IBM Tivoli Storage Manager FastBack installer could allow a remote attacker to execute arbitrary code on the system. By placing a specially-crafted DLL in the victim's path, an attacker could exploit this vulnerability when the installer is executed to run arbitrary code on the system with privileges of the victim. | ||||
| CVE-2016-6045 | 1 Ibm | 1 Tivoli Storage Manager | 2025-04-20 | N/A |
| IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | ||||
| CVE-2016-6056 | 1 Ibm | 1 Call Center For Commerce | 2025-04-20 | N/A |
| IBM Call Center for Commerce 9.3 and 9.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000442. | ||||
| CVE-2016-6040 | 1 Ibm | 1 Rational Collaborative Lifecycle Management | 2025-04-20 | N/A |
| IBM Jazz Foundation could allow an authenticated user to take over a previously logged in user due to session expiration not being enforced. | ||||
| CVE-2016-6039 | 1 Ibm | 1 Jazz Reporting Service | 2025-04-20 | N/A |
| IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2016-6061 | 1 Ibm | 1 Rational Collaborative Lifecycle Management | 2025-04-20 | N/A |
| IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2016-3036 | 1 Ibm | 1 Cognos Business Intelligence | 2025-04-20 | N/A |
| IBM Cognos TM1 10.1 and 10.2 is vulnerable to a denial of service, caused by a stack-based buffer overflow when parsing packets. A remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 114612. | ||||
| CVE-2016-3023 | 1 Ibm | 6 Security Access Manager 9.0 Firmware, Security Access Manager For Mobile 8.0 Firmware, Security Access Manager For Mobile Appliance and 3 more | 2025-04-20 | N/A |
| IBM Security Access Manager for Web could allow an unauthenticated user to gain access to sensitive information by entering invalid file names. | ||||
| CVE-2016-6032 | 1 Ibm | 1 Rational Collaborative Lifecycle Management | 2025-04-20 | N/A |
| IBM Rational Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2016-9704 | 1 Ibm | 1 Security Identity Manager Virtual Appliance | 2025-04-20 | N/A |
| IBM Security Identity Manager Virtual Appliance is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2016-6036 | 1 Ibm | 1 Rational Quality Manager | 2025-04-20 | N/A |
| IBM Rational Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000784. | ||||
| CVE-2016-6037 | 1 Ibm | 2 Rational Quality Manager, Rational Team Concert | 2025-04-20 | N/A |
| IBM Rational Team Concert (RTC) is vulnerable to HTML injection. A remote attacker with project administrator privileges could send a project that contains malicious HTML code, which when the project is viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 116918. | ||||