IBM Corporation

285 tracked vulnerabilities.

CVE-2016-5937 HIGH
IBM Kenexa LCMS Premier on Cloud - Cross-Site Request Forgery
Feb 01, 2017
CVSS 8.8
EPSS 0.00
CVE-2016-5899 MEDIUM
IBM Jazz Reporting Service - Cross-Site Scripting
Feb 01, 2017
CVSS 5.4
EPSS 0.00
CVE-2016-5898 MEDIUM
IBM Jazz Reporting Service - Info Disclosure
Feb 01, 2017
CVSS 4.3
EPSS 0.00
CVE-2016-5897 MEDIUM
IBM Jazz Reporting Service < 6.0.2 - Cross-Site Scripting
Feb 01, 2017
CVSS 5.4
EPSS 0.00
CVE-2016-5896 MEDIUM
IBM Maximo Asset Management - Info Disclosure
Feb 01, 2017
CVSS 5.3
EPSS 0.00
CVE-2016-5882 MEDIUM
IBM iNotes - Stored Cross-Site Scripting
Feb 01, 2017
CVSS 6.1
EPSS 0.00
CVE-2016-5880 MEDIUM
IBM iNotes - Stored Cross-Site Scripting
Feb 01, 2017
CVSS 5.4
EPSS 0.00
CVE-2016-3053 HIGH
IBM AIX - Authenticated Privilege Escalation
Feb 01, 2017
CVSS 7.8
EPSS 0.03
CVE-2016-3046 LOW
IBM Security Access Manager for Web 8.0 Firmware - SQL Injection
Feb 01, 2017
CVSS 2.7
EPSS 0.00
CVE-2016-3045 LOW
IBM Security Access Manager for Web - Exposure of Sensitive Information via URL Parameters
Feb 01, 2017
CVSS 3.7
EPSS 0.00
CVE-2016-3043 MEDIUM
IBM Security Access Manager - Exposure of Sensitive Information via Missing HTTP Strict Transport Security
Feb 01, 2017
CVSS 5.9
EPSS 0.00
CVE-2016-3035 MEDIUM
IBM AppScan Source - Exposure of Sensitive Information via Testlinks
Feb 01, 2017
CVSS 5.3
EPSS 0.00
CVE-2016-3034 MEDIUM
IBM AppScan Source - Inadequate Encryption Strength via Unsalted One-Way Hash
Feb 01, 2017
CVSS 4.4
EPSS 0.00
CVE-2016-3029 HIGH
IBM Security Access Manager for Web 8.0 - Cross-Site Request Forgery
Feb 01, 2017
CVSS 8.8
EPSS 0.00
CVE-2016-3027 MEDIUM
IBM Security Access Manager for Web 8.0 - XML External Entity Injection
Feb 01, 2017
CVSS 6.5
EPSS 0.01
CVE-2016-3024 MEDIUM
IBM Security Access Manager for Web 8.0 - Unauthorized Exposure of Sensitive Information via Local Web Page Storage
Feb 01, 2017
CVSS 4.0
EPSS 0.00
CVE-2016-3023 MEDIUM
IBM Security Access Manager for Web 7.0 - Unauthenticated Exposure of Sensitive Information via Invalid File Names
Feb 01, 2017
CVSS 5.3
EPSS 0.00
CVE-2016-3022 MEDIUM
IBM Security Access Manager for Web - Info Disclosure
Feb 01, 2017
CVSS 6.5
EPSS 0.00
CVE-2016-3021 LOW
IBM Security Access Manager for Web 7.0 - Authenticated Sensitive Information Exposure via Error Message
Feb 01, 2017
CVSS 2.7
EPSS 0.00
CVE-2016-3018 MEDIUM
IBM Security Access Manager for Web - Stored Cross-Site Scripting
Feb 01, 2017
CVSS 6.1
EPSS 0.00
CVE-2016-3017 HIGH
IBM Security Access Manager for Web - Info Disclosure
Feb 01, 2017
CVSS 7.5
EPSS 0.00
CVE-2016-3016 MEDIUM
IBM Security Access Manager for Web 7.0 Firmware - Authenticated Code Execution via Unverified Update Processing
Feb 01, 2017
CVSS 4.4
EPSS 0.00
CVE-2016-2987 MEDIUM
IBM Rational DOORS Next Generation - Exposure of Sensitive Information via Administrative Deployment Parameters
Feb 01, 2017
CVSS 4.3
EPSS 0.00
CVE-2016-2939 MEDIUM
IBM iNotes - Stored Cross-Site Scripting
Feb 01, 2017
CVSS 6.1
EPSS 0.00
CVE-2016-2908 CRITICAL
IBM Security Access Manager 9.0 and 8.0 Firmware - XML External Entity Injection
Feb 01, 2017
CVSS 9.1
EPSS 0.01
Products
Kenexa LMS on Cloud 21 Rational Collaborative Lifecycle Management 17 Access Manager 16 QRadar SIEM 13 Key Lifecycle Manager 12 Kenexa LCMS Premier on Cloud 11 BigFix Inventory 8 WebSphere MQ 8 BigFix Platform 7 UrbanCode Deploy 7 InfoSphere Information Server 6 Jazz Reporting Service 6 TRIRIGA Application Platform 6 AIX 5 Connections 5 Maximo Asset Management 5 Privileged Identity Manager 5 Rational DOORS Next Generation 5 Rational Rhapsody Design Manager 5 Tivoli Storage Manager 5 Cloud Orchestrator 4 Cognos Business Intelligence 4 Domino 4 Integration Bus 4 Tivoli Storage Manager Extended Edition 4 WebSphere Application Server 4 WebSphere Portal 4 Business Process Manager Advanced 3 Cognos Analytics 3 Cognos TM1 3
Quick Filters
Critical CVEs With Exploits In CISA KEV