Latest CVE Feed
-
5.3
MEDIUMCVE-2015-7542
A vulnerability exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates.... Read more
- Published: Dec. 03, 2019
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2015-7508
Heap-based buffer overflow in the bmp_decode_rle function in libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the last row of RLE data in a crafted BMP ... Read more
Affected Products : libnsbmp- Published: Feb. 12, 2020
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2015-7507
libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a crafted color table to the (1) bmp_decode_rgb or (2) bmp_decode_rle function.... Read more
Affected Products : libnsbmp- Published: Feb. 18, 2020
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2015-7506
The gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted LZW stream in a GIF file.... Read more
Affected Products : libnsgif- Published: Feb. 18, 2020
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2015-7505
Stack-based buffer overflow in the gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LZW stream in a GIF file.... Read more
Affected Products : libnsgif- Published: Feb. 18, 2020
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2015-7486
Cross-site scripting (XSS) vulnerability in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote attackers to inject arbitrary web scr... Read more
Affected Products : rational_engineering_lifecycle_manager- Published: Jan. 16, 2018
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2015-7485
Cross-site scripting (XSS) vulnerability in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote attackers to inject arbitrary web scr... Read more
Affected Products : rational_engineering_lifecycle_manager- Published: Jan. 16, 2018
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2015-7484
IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1 and 4.0 before 4.0.7 iFix10 allow remote authenticated users with access to lifecycle projects to obtain sensitive information by sending a crafted URL to the Lifecycle Quer... Read more
Affected Products : rational_engineering_lifecycle_manager- Published: Jan. 16, 2018
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2015-7474
Cross-site scripting (XSS) vulnerability in Jazz Foundation in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote attackers to injec... Read more
Affected Products : rational_engineering_lifecycle_manager- Published: Jan. 16, 2018
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2015-7471
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) ... Read more
- Published: Mar. 15, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2015-7463
IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 through cumulative fix 2 allow remote authenticated users to delete process and task data by leveraging incorrect authorization checks. IBM X-Force ID: 108393.... Read more
Affected Products : business_process_manager- Published: Mar. 15, 2018
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2015-7461
XML external entity (XXE) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote authenticated users to cause a denial of service (memory consumption) via crafted XML data. IBM X-Force ID: 108357.... Read more
Affected Products : connections- Published: Mar. 20, 2018
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2015-7460
Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108356.... Read more
Affected Products : connections- Published: Mar. 20, 2018
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2015-7459
Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108355.... Read more
Affected Products : connections- Published: Mar. 20, 2018
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2015-7458
Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108354.... Read more
Affected Products : connections- Published: Mar. 20, 2018
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2015-7453
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) ... Read more
- Published: Mar. 15, 2018
- Modified: Nov. 21, 2024
-
3.3
LOWCVE-2015-7449
IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before... Read more
- Published: Mar. 20, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2015-7440
IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.... Read more
- Published: Mar. 15, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2015-7434
IBM Capacity Management Analytics 2.1.0.0 allows local users to discover encrypted usernames and passwords by leveraging access to the CMA install machine. IBM X-Force ID: 107863.... Read more
Affected Products : capacity_management_analytics- Published: Mar. 26, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2015-7433
IBM Capacity Management Analytics 2.1.0.0 allows local users to discover cleartext usernames and passwords by leveraging access to the CMA install machine. IBM X-Force ID: 107862.... Read more
Affected Products : capacity_management_analytics- Published: Mar. 26, 2018
- Modified: Nov. 21, 2024