|
219161
|
5.4 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code i…
|
CWE-79
Cross-site Scripting
|
CVE-2019-4495
|
2024-11-21 13:43 |
2019-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219162
|
5.4 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code i…
|
CWE-79
Cross-site Scripting
|
CVE-2019-4494
|
2024-11-21 13:43 |
2019-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219163
|
5.3 |
MEDIUM
Network
|
ibm
|
daeja_viewone
|
IBM Daeja ViewONE Virtual 5.0 through 5.0.6 could expose internal parameters to ViewONE clients that could be used in further attacks against the system. IBM X-Force ID: 159521.
|
NVD-CWE-noinfo
|
CVE-2019-4246
|
2024-11-21 13:43 |
2019-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219164
|
5.3 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequ…
|
CWE-22
Path Traversal
|
CVE-2019-4423
|
2024-11-21 13:43 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219165
|
5.3 |
MEDIUM
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by the improper setting of a cookie. IBM X-Force ID: 160951.
|
CWE-565
Reliance on Cookies without Validation and Integrity Checking
|
CVE-2019-4305
|
2024-11-21 13:43 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219166
|
6.3 |
MEDIUM
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation. IBM X-Force ID: 160950.
|
CWE-384
Session Fixation
|
CVE-2019-4304
|
2024-11-21 13:43 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219167
|
5.3 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 displays sensitive information in HTTP requests which could be used in further attacks against the system. IBM X-Force ID: 160503.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-4280
|
2024-11-21 13:43 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219168
|
5.4 |
MEDIUM
Network
|
ibm
|
websphere_extreme_scale
|
IBM WebSphere eXtreme Scale 8.6 Admin API is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functional…
|
CWE-79
Cross-site Scripting
|
CVE-2019-4115
|
2024-11-21 13:43 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219169
|
3.3 |
LOW
Local
|
ibm
|
websphere_extreme_scale
|
IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158105.
|
CWE-269
Improper Privilege Management
|
CVE-2019-4112
|
2024-11-21 13:43 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219170
|
6.1 |
MEDIUM
Network
|
ibm
|
websphere_extreme_scale
|
IBM WebSphere eXtreme Scale 8.6 Admin Console could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could …
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2019-4109
|
2024-11-21 13:43 |
2019-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
