166 matches found
CVE-2016-6065
IBM Security Guardium Database Activity Monitor appliance could allow a local user to inject commands that would be executed as root...
CVE-2016-6065
IBM Security Guardium Database Activity Monitor appliance could allow a local user to inject commands that would be executed as root...
Command injection
IBM Security Guardium Database Activity Monitor appliance could allow a local user to inject commands that would be executed as root...
CVE-2016-6065
IBM Security Guardium Database Activity Monitor appliance could allow a local user to inject commands that would be executed as root...
CVE-2016-6065
CVE-2016-6065 affects IBM Security Guardium Database Activity Monitor appliances. A local user could inject commands that are executed as root due to an injection flaw in the appliance. Affected products/versions identified by IBM include Guardium Database Activity Monitor v8.2, v9, v9.1, v9.5, a...
IBM Security Guardium Database Activity Monitor Remote Command Injection Vulnerability
IBM Security Guardium Database Activity Monitor is a database activity monitor product from IBM USA. The product provides features such as automated controls for compliance and protection against internal and external threats. A remote command injection vulnerability exists in IBM Security Guardi...
CVE-2016-0328
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows local users to obtain administrator privileges for command execution via unspecified vectors...
CVE-2016-0240
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP...
Code injection
IBM Security Guardium Database Activity Monitor 9.x through 9.5 before p700 and 10.x through 10.0.1 before p100 allows remote authenticated users to make HTTP requests with administrator privileges via unspecified vectors...
CVE-2016-0241
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to spoof administrator accounts by sending a modified login request over HTTP...
CVE-2016-0240
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP...
Design/Logic Flaw
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to spoof administrator accounts by sending a modified login request over HTTP...
CVE-2016-0239
IBM Security Guardium Database Activity Monitor 9.x through 9.5 before p700 and 10.x through 10.0.1 before p100 allows remote authenticated users to make HTTP requests with administrator privileges via unspecified vectors...
CVE-2016-0239
IBM Security Guardium Database Activity Monitor 9.x through 9.5 before p700 and 10.x through 10.0.1 before p100 allows remote authenticated users to make HTTP requests with administrator privileges via unspecified vectors...
CVE-2016-0239
IBM Security Guardium Database Activity Monitor 9.x through 9.5 before p700 and 10.x through 10.0.1 before p100 allows remote authenticated users to make HTTP requests with administrator privileges via unspecified vectors...
CVE-2016-0328
IBM Security Guardium Database Activity Monitor is affected by CVE-2016-0328: versions 8.2 before p310, 9.x up to 9.5 before p700, and 10.x up to 10.1 before p100 allow a local user to inject commands that would be executed with administrator privileges. The vulnerability is categorized as Execut...
CVE-2016-0240
CVE-2016-0240 affects IBM Security Guardium Database Activity Monitor. Affected versions include 8.2 (before p310), 9.0/9.1/9.5 (before p700), and 10.0/10.0.1/10.1. The root issue is that the product does not enable HTTP Strict-Transport-Security (HSTS), enabling potential man‑in‑the‑middle discl...
CVE-2016-0241
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to spoof administrator accounts by sending a modified login request over HTTP...
CVE-2016-0240
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP...
CVE-2016-0241
CVE-2016-0241 affects IBM Security Guardium Database Activity Monitor. Affected versions: 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100. Root cause: flaw in HTTP login request handling allowing remote authenticated users to spoof administrator accounts. Impact: u...