厂商或团体 ibm 的搜索结果 (2982)

CVE-2014-4843(发布:2017-06-08 12:29:00)NMC
CVSS5.0

[CNNVD]IBM Curam Social Program Management 信息泄露漏洞--IBM Curam Social Program Management(SPM)是美国IBM公司的一套社会计划管理解决方案。该方案支持终端到终端社会项目交付的过程。 IBM Curam SPM中存在信息泄露漏洞。攻击者可利用该漏洞获取敏感信息。以下版本受到影响:IBM Curam...

CVE-2016-0254(发布:2017-06-07 13:29:00)NMS
CVSS6.8

[原文]IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote authenticated attacker could exploit this vulnerability to consume all available CPU resources and cause a denial of service. IBM X-Force ID: 110563.

CVE-2016-3019(发布:2017-06-07 13:29:00)NMS
CVSS4.0

[原文]IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 114462.

CVE-2016-3051(发布:2017-06-07 13:29:00)NMS
CVSS4.0

[原文]IBM Security Access Manager for Web 9.0.0 could allow an authenticated user to access some privileged functionality of the server. IBM X-Force ID: 114714.

CVE-2016-3032(发布:2017-05-10 10:29:00)NMS
CVSS3.5

[原文]IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 114516.

CVE-2016-0255(发布:2017-05-05 15:29:00)NMS
CVSS4.3

[原文]IBM Marketing Platform 9.1 and 10.0 is vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM X-Force ID: 110564.

12345678下一页尾页 第1页 / 共497页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站