Vulmon Recent Vulnerabilities Trends About Contact

ibm vulnerabilities and exploits

(subscribe to this query)

5
CVSSv2
CVE-2015-7464
Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote attackers to cause a denial of service (Report Builder server outage) via a crafted request to a Report Builder instance URL....
IbmJazz Reporting Service
4.3
CVSSv2
CVE-2013-0506
Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors....
IbmSterling Multi-channel Fulfillment SolutionSterling Selling And Fulfillment Foundation
8.5
CVSSv2
CVE-2016-3039
IBM Traveler 8.x and 9.x before 9.0.1.12 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity...
IbmTraveler
6.9
CVSSv2
CVE-2010-5204
Multiple untrusted search path vulnerabilities in IBM Lotus Symphony 1.3.0 20090908.0900 allow local users to gain privileges via a Trojan horse (1) eclipse_1114.dll or (2) emser645mi.dll file in the current working directory, as demonstrated by a directory that contains a .odm,...
IbmLotus Symphony
4.3
CVSSv2
CVE-2014-0893
Cross-site scripting (XSS) vulnerability in customreport.jsp in IBM Maximo Asset Management 7.5.x before 7.5.0.5 IFIX006 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote authenticated users to inject arbitrary web script or HTML via...
IbmMaximo Asset ManagementSmartcloud Control Desk
3.5
CVSSv2
CVE-2018-1529
IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended...
IbmRational Doors Next Generation
10
CVSSv2
CVE-2015-1920
IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.47, 7.0 before 7.0.0.39, 8.0 before 8.0.0.11, and 8.5 before 8.5.5.6 allows remote attackers to execute arbitrary code by sending crafted instructions in a management-port session....
IbmWebsphere Application Server
3.5
CVSSv2
CVE-2015-1928
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0...
IbmRational Collaborative Lifecycle ManagementRational Doors Next GenerationRational Engineering Lifecycle ManagerRational Quality ManagerRational Requirements ComposerRational Rhapsody Design ManagerRational Software Architect Design ManagerRational Team Concert
4
CVSSv2
CVE-2015-7469
Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to bypass intended read-only restrictions by leveraging a JazzGuest role....
IbmJazz Reporting Service
4.3
CVSSv2
CVE-2013-0455
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2.4 and Sterling File Gateway allow remote attackers to inject arbitrary web script or HTML via unspecified vectors....
IbmSterling B2b IntegratorSterling File Gateway
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-15469CVE-2020-5902CVE-2020-14947cameraCVE-2020-2203NULL pointer dereferenceCVE-2020-6089logic flawprestashopCVE-2020-15523