Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm bigfix inventory vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2016-8962
IBM BigFix Inventory 9.2 does not require that users should have strong passwords by default, which makes it easier for malicious users to compromise user accounts. IBM X-Force ID: 118851.
Ibm Bigfix Inventory
516
VMScore
CVE-2016-8961
IBM BigFix Inventory v9 could allow a remote malicious user to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user t...
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory
187
VMScore
CVE-2016-8963
IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory
383
VMScore
CVE-2016-8966
IBM BigFix Inventory v9 could allow a remote malicious user to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
668
VMScore
CVE-2016-8980
IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
445
VMScore
CVE-2016-8964
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote malicious user to brute force account credentials. IBM X-Force ID: 118853.
Ibm License Metric Tool
Ibm Bigfix Inventory
187
VMScore
CVE-2016-8967
IBM BigFix Inventory v9 9.2 stores user credentials in plain in clear text which can be read by a local user.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
445
VMScore
CVE-2016-8977
IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
187
VMScore
CVE-2016-8981
IBM BigFix Inventory v9 allows web pages to be stored locally which can be read by another user on the system.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started