VYPR

Vendor CVEs

IBM

All CVEs

8,287 total · sorted by risk
  • CVE-2018-1603MedOct 4, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1602MedOct 4, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1692MedOct 2, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1691MedOct 2, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1605MedOct 2, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1601MedOct 2, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1558MedOct 2, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to…

  • CVE-2018-1557MedOct 2, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1522MedOct 2, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1440MedOct 2, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1439MedOct 2, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1405MedOct 2, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1404MedOct 2, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1403MedOct 2, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1395MedOct 2, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2017-1649MedOct 2, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1420MedOct 1, 2018
    risk 0.35cvss 5.3epss 0.01

    IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. This can lead to security miss-configuration of the installation. IBM X-Force ID: 138950.

  • CVE-2018-1820MedSep 27, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…

  • CVE-2018-1660MedSep 27, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.…

  • CVE-2018-1610MedSep 26, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1659MedSep 25, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1560MedSep 25, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…

  • CVE-2018-1539MedSep 25, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 could allow remote attackers to bypass authentication via a direct request or forced browsing to a page other than URL intended. IBM X-Force ID: 142561.

  • CVE-2018-1698MedSep 13, 2018
    risk 0.35cvss 5.3epss 0.02

    IBM Maximo Asset Management 7.6 through 7.6.3 could allow an unauthenticated attacker to obtain sensitive information from error messages. IBM X-Force ID: 145967.

  • CVE-2018-1757MedSep 7, 2018
    risk 0.35cvss 5.3epss 0.02

    IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 could allow an attacker to obtain sensitive information due to missing authentication in IGI for the survey application. IBM X-Force ID: 148601.

  • CVE-2017-1115MedSep 7, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 121153.

  • CVE-2017-1114MedSep 7, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force…

  • CVE-2018-1599MedAug 22, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch…

  • CVE-2018-1394MedAug 20, 2018
    risk 0.35cvss 5.4epss 0.01

    Multiple IBM Rational products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force…

  • CVE-2017-1753MedAug 20, 2018
    risk 0.35cvss 5.4epss 0.01

    Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 135655.

  • CVE-2018-1715MedAug 16, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.…

  • CVE-2017-1749MedAug 13, 2018
    risk 0.35cvss 5.3epss 0.02

    IBM UrbanCode Deploy 6.1 through 6.9.6.0 could allow a remote attacker to traverse directories on the system. An unauthenticated attacker could alter UCD deployments. IBM X-Force ID: 135522.

  • CVE-2018-1690MedAug 7, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rhapsody Model Manager 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force…

  • CVE-2018-1422MedAug 6, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Jazz Foundation products (IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.5) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially…

  • CVE-2017-1409MedAug 6, 2018
    risk 0.35cvss 5.3epss 0.01

    IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 127396.

  • CVE-2018-1554MedAug 2, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force…

  • CVE-2018-1718MedJul 31, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Sterling B2B Integrator Standard Edition 5.2.0.1 - 5.2.6.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a…

  • CVE-2018-1679MedJul 20, 2018
    risk 0.35cvss 5.3epss 0.02

    IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could allow an unauthenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 145180.

  • CVE-2018-1398MedJul 20, 2018
    risk 0.35cvss 5.3epss 0.02

    IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote attacker to download certain files that could contain sensitive information. IBM X-Force ID: 138434.

  • CVE-2018-1585MedJul 19, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…

  • CVE-2018-1536MedJul 19, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…

  • CVE-2018-1535MedJul 19, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…

  • CVE-2018-1529MedJul 19, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended…

  • CVE-2013-0570MedJul 13, 2018
    risk 0.35cvss 5.3epss 0.01

    The Fibre Channel over Ethernet (FCoE) feature in IBM System Networking and Blade Network Technology (BNT) switches running IBM Networking Operating System (aka NOS, formerly BLADE Operating System) floods data frames with unknown MAC addresses out on all interfaces on the same…

  • CVE-2013-0592MedJul 11, 2018
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815.

  • CVE-2018-1549MedJul 10, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This…

  • CVE-2018-1523MedJul 10, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure…

  • CVE-2018-1396MedJul 10, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure…

  • CVE-2017-1793MedJul 10, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure…

  • CVE-2017-1792MedJul 10, 2018
    risk 0.35cvss 5.4epss 0.01

    IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure…

Page 19 of 166