|
222631
|
6.3 |
MEDIUM
Network
|
ibm
|
tivoli_storage_productivity_center
spectrum_control
|
IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2.17) allows users to remain idle within the application even when a user has logged out. Utilizing the a…
|
CWE-613
Insufficient Session Expiration
|
CVE-2019-4072
|
2024-11-21 13:43 |
2019-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222632
|
8.8 |
HIGH
Network
|
ibm
|
tivoli_storage_productivity_center
spectrum_control
|
IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2.17) could allow a remote attacker to execute arbitrary commands on the system, caused by improper valid…
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2019-4071
|
2024-11-21 13:43 |
2019-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222633
|
7.1 |
HIGH
Network
|
ibm
|
tririga_application_platform
|
IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose …
|
CWE-611
XXE
|
CVE-2019-4208
|
2024-11-21 13:43 |
2019-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222634
|
3.3 |
LOW
Local
|
ibm
|
tririga_application_platform
|
IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 may disclose sensitive information only available to a local user that could be used in further attacks against the system. IBM X-Force ID: 159148.
|
NVD-CWE-noinfo
|
CVE-2019-4207
|
2024-11-21 13:43 |
2019-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222635
|
5.4 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering …
|
CWE-79
Cross-site Scripting
|
CVE-2019-4258
|
2024-11-21 13:43 |
2019-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222636
|
6.1 |
MEDIUM
Network
|
ibm
|
storediq
|
IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploi…
|
CWE-601
Open Redirect
|
CVE-2019-4166
|
2024-11-21 13:43 |
2019-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222637
|
4.3 |
MEDIUM
Network
|
ibm
|
jazz_reporting_service
|
IBM Jazz Reporting Service (JRS) 6.0.6 could allow an authenticated user to access the execution log files as a guest user, and obtain the information of the server execution. IBM X-Force ID: 156243.
|
CWE-269
Improper Privilege Management
|
CVE-2019-4047
|
2024-11-21 13:43 |
2019-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222638
|
5.4 |
MEDIUM
Network
|
ibm
|
infosphere_information_server
infosphere_information_server_on_cloud
|
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend…
|
CWE-79
Cross-site Scripting
|
CVE-2019-4238
|
2024-11-21 13:43 |
2019-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222639
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could allow an authenticated user to view process definition of a business process without permission. IBM X-Force ID: 159231.
|
CWE-269
Improper Privilege Management
|
CVE-2019-4222
|
2024-11-21 13:43 |
2019-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222640
|
5.4 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering …
|
CWE-79
Cross-site Scripting
|
CVE-2019-4148
|
2024-11-21 13:43 |
2019-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
