Latest CVE Feed
-
5.4
MEDIUMCVE-2016-5981
Cross-site scripting (XSS) vulnerability in IBM FileNet Workplace XT through 1.1.5.2-WPXT-LA011 and FileNet Workplace (Application Engine) through 4.0.2.14-P8AE-IF001, when RegExpSecurityFilter and ScriptSecurityFilter are misconfigured, allows remote att... Read more
- EPSS Score: %0.14
- Published: Nov. 25, 2016
- Modified: Apr. 12, 2025
-
5.3
MEDIUMCVE-2016-5968
The Replay Server in IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108 FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224 FP3 allows remote ... Read more
Affected Products : tealeaf_customer_experience- EPSS Score: %0.20
- Published: Nov. 25, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2016-5967
The installation component in IBM Rational Asset Analyzer (RAA) 6.1.0 before FP10 allows local users to discover the WAS Admin password by reading IM native logs.... Read more
Affected Products : rational_asset_analyzer- EPSS Score: %0.05
- Published: Nov. 25, 2016
- Modified: Apr. 12, 2025
-
5.4
MEDIUMCVE-2016-5955
Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Generation 6.0.2 before iFix004 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more
Affected Products : rational_doors_next_generation- EPSS Score: %0.26
- Published: Nov. 25, 2016
- Modified: Apr. 12, 2025
-
10.0
CRITICALCVE-2016-5788
General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which makes it easier for remote attackers to obtain privileged access via unspecified vectors.... Read more
- EPSS Score: %0.30
- Published: Nov. 25, 2016
- Modified: Apr. 12, 2025
-
9.1
CRITICALCVE-2016-3028
IBM Security Access Manager for Web 7.0 before IF2 and 8.0 before 8.0.1.4 IF3 and Security Access Manager 9.0 before 9.0.1.0 IF5 allow remote authenticated users to execute arbitrary commands by leveraging LMI admin access.... Read more
- EPSS Score: %0.76
- Published: Nov. 25, 2016
- Modified: Apr. 12, 2025
-
8.1
HIGHCVE-2016-3025
IBM Security Access Manager for Mobile 8.x before 8.0.1.4 IF3 and Security Access Manager 9.x before 9.0.1.0 IF5 do not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach.... Read more
- EPSS Score: %0.54
- Published: Nov. 25, 2016
- Modified: Apr. 12, 2025
-
8.5
HIGHCVE-2016-2988
IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.4.x before 6.4.3.4 and 7.1.x before 7.1.6 allows remote authenticated users to bypass a TSM credential requirement and obtain ... Read more
Affected Products : tivoli_storage_manager_for_virtual_environments- EPSS Score: %0.33
- Published: Nov. 25, 2016
- Modified: Apr. 12, 2025
-
5.4
MEDIUMCVE-2016-2986
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 6.x before 6.0.1 iFix6, Rational Quality Manager 6.x before 6.0.1 iFix6, Rational Team Concert 6.x before 6.0.1 iFix6, Rational DOORS Next Generation 6.x before 6.... Read more
- EPSS Score: %0.17
- Published: Nov. 25, 2016
- Modified: Apr. 12, 2025
-
7.0
HIGHCVE-2016-2985
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid... Read more
- EPSS Score: %0.04
- Published: Nov. 25, 2016
- Modified: Apr. 12, 2025
-
7.0
HIGHCVE-2016-2984
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setu... Read more
- EPSS Score: %0.04
- Published: Nov. 25, 2016
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2016-2947
IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Team Concert 4.0 ... Read more
- EPSS Score: %0.18
- Published: Nov. 25, 2016
- Modified: Apr. 12, 2025
-
6.5
MEDIUMCVE-2016-2996
IBM Security Privileged Identity Manager 2.0 before 2.0.2 FP8, when Virtual Appliance is used, allows remote authenticated users to append to arbitrary files via unspecified vectors.... Read more
Affected Products : security_privileged_identity_manager- EPSS Score: %0.15
- Published: Nov. 24, 2016
- Modified: Apr. 12, 2025
-
5.4
MEDIUMCVE-2016-2864
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7... Read more
- EPSS Score: %0.17
- Published: Nov. 24, 2016
- Modified: Apr. 12, 2025
-
4.3
MEDIUMCVE-2016-0378
IBM WebSphere Application Server (WAS) Liberty before 16.0.0.3, when the installation lacks a default error page, allows remote attackers to obtain sensitive information by triggering an exception.... Read more
Affected Products : websphere_application_server- EPSS Score: %0.34
- Published: Nov. 24, 2016
- Modified: Apr. 12, 2025
-
4.3
MEDIUMCVE-2016-0372
IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 be... Read more
- EPSS Score: %0.26
- Published: Nov. 24, 2016
- Modified: Apr. 12, 2025
-
4.3
MEDIUMCVE-2016-0353
IBM Security Privileged Identity Manager 2.0 before 2.0.2 FP8, when Virtual Appliance is used, does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its t... Read more
Affected Products : security_privileged_identity_manager- EPSS Score: %0.21
- Published: Nov. 24, 2016
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2016-0325
IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 be... Read more
Affected Products : rational_team_concert- EPSS Score: %0.47
- Published: Nov. 24, 2016
- Modified: Apr. 12, 2025
-
5.4
MEDIUMCVE-2016-0285
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7... Read more
Affected Products : rational_team_concert- EPSS Score: %0.17
- Published: Nov. 24, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2016-0284
The XML parser in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 ... Read more
- EPSS Score: %0.33
- Published: Nov. 24, 2016
- Modified: Apr. 12, 2025