Latest CVE Feed
-
3.5
LOWCVE-2024-42209
HCL Connections is vulnerable to an information disclosure vulnerability that could allow a user to obtain sensitive information they are not entitled to, which is caused by improper handling of request data.... Read more
Affected Products : connections- Published: Jul. 17, 2025
- Modified: Jul. 17, 2025
- Vuln Type: Information Disclosure
-
3.5
LOWCVE-2014-0348
The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9, Artiva Rm 3.1 MR7, Artiva Healthcare 5.2 MR5, and Artiva Architect 3.2 MR5, when the domain-name option is enabled, allows remote attackers to login to arbitra... Read more
- Published: Apr. 15, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-0444
Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Professional component in Oracle Supply Chain Products Suite 20.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Web General, a different vuln... Read more
Affected Products : supply_chain_products_suite- Published: Jan. 15, 2014
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2014-0874
Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter.... Read more
Affected Products : content_navigator- Published: Feb. 28, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-0858
IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to bypass intended access restrictions and conduct deleteAction attacks via a modified URL.... Read more
Affected Products : content_navigator- Published: Feb. 27, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-0850
Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data Management Reference Data Management (RDM) Hub 10.1 and 11.0 before 11.0.0.0-MDM-IF008 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.... Read more
Affected Products : infosphere_master_data_management_reference_data_management_hub- Published: Mar. 16, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-0437
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.... Read more
- Published: Jan. 15, 2014
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2014-0925
Open redirect vulnerability in IBM Sterling Control Center 5.4.0 before 5.4.0.1 iFix 3 and 5.4.1 before 5.4.1.0 iFix 2 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.... Read more
Affected Products : sterling_control_center- Published: May. 30, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-0843
Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allows remote authenticated users to inject arbitrary web script or HTML by uploading a file.... Read more
Affected Products : rational_focal_point- Published: Feb. 26, 2014
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2014-0824
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.x before 7.1.1.8 LAFIX.20140319-0839 and 7.1.1.12 before IFIX.20140321-1336 and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change an... Read more
- Published: May. 26, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-0825
Cross-site scripting (XSS) vulnerability in openreport.jsp in IBM Maximo Asset Management 7.x before 7.1.1.12 IFIX.20140321-1336 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset M... Read more
- Published: May. 26, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-0844
Unspecified vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to read arbitrary data via unknown vectors.... Read more
- Published: Mar. 04, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-0910
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.0 through 6.1.0.6 CF27, 6.1.5.0 through 6.1.5.3 CF27, and 7.0.0 through 7.0.0.2 CF28 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more
Affected Products : websphere_portal- Published: Jun. 18, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-0915
Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management 6.2 through 6.2.8, 6.x and 7.1 through 7.1.1.2, and 7.5 through 7.5.0.6; Maximo Asset Management 7.5 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk; ... Read more
- Published: Jul. 30, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-0846
Cross-site scripting (XSS) vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to inject arbitrary web script or HTML via... Read more
- Published: Mar. 04, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2020-28838
Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows attacker to add cart items via Add to cart.... Read more
Affected Products : opencart- Published: Dec. 11, 2020
- Modified: Nov. 21, 2024
-
3.5
LOWCVE-2014-0945
Cross-site scripting (XSS) vulnerability in the RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 allows remote authenticated users to inject arbitrary web script or H... Read more
Affected Products : operational_decision_manager- Published: May. 09, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-0968
Cross-site scripting (XSS) vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0 FP4 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows... Read more
- Published: Jul. 19, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2016-0608
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF.... Read more
Affected Products : ubuntu_linux enterprise_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation leap enterprise_linux_server_aus enterprise_linux_server_eus mysql +6 more products- Published: Jan. 21, 2016
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-0884
Cross-site scripting (XSS) vulnerability in the Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more
Affected Products : lotus_protector_for_mail_security- Published: Mar. 25, 2014
- Modified: Apr. 12, 2025