Lucene search
K

170 matches found

NVD
NVD
added 2017/07/24 9:29 p.m.18 views

CVE-2017-1245

IBM Rational Software Architect Design Manager 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...

5.4CVSS5.2AI score0.0054EPSS
Exploits0References2
OSV
OSV
added 2017/07/24 9:29 p.m.3 views

CVE-2016-8975

IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 118912...

5.4CVSS5.4AI score
Exploits0References3
CVE
CVE
added 2017/07/24 9:0 p.m.47 views

CVE-2017-1245

IBM Rational Software Architect Design Manager 5.0–6.0 is vulnerable to cross-site scripting in the Web UI due to improper input sanitization. Affected products range 4.0.0–6.0.2; the CVE entry corresponds to CVE-2017-1245 with CVSSv3 base 5.4. Remediation/releases include upgrading to fixed iFix...

5.4CVSS5.2AI score0.0054EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/06/08 9:29 p.m.4 views

CVE-2016-9698

IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to a denial of service, caused by an XML External Entity Injection XXE error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference...

8.1CVSS5.8AI score0.01963EPSS
Exploits0References4
CNVD
CNVD
added 2017/03/15 12:0 a.m.5 views

IBM Rational Rhapsody Design Manager XML External Entity Injection Vulnerability

IBM Rational Rhapsody Design Manager is a set of collaborative design management software from IBM in the United States. IBM Rational Rhapsody Design Manager suffers from an XML external entity injection vulnerability. A remote attacker could exploit this vulnerability to submit special XML data,...

8.1CVSS7.1AI score0.01963EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/15 12:0 a.m.3 views

IBM Rational Rhapsody Design Manager Arbitrary File Upload Vulnerability

IBM Rational Rhapsody Design Manager is a suite of collaborative design management software from IBM. The software supports the use of centralized system repositories with Web-based access to store, share, search, and manage design models as well as automated software design reviews. An arbitrary...

4.3CVSS7AI score0.00673EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/15 12:0 a.m.4 views

IBM Rational Rhapsody Design Manager Information Disclosure Vulnerability

IBM Rational Rhapsody Design Manager is a suite of collaborative design management software from IBM. The software supports the use of centralized system repositories with Web-based access to store, share, search, and manage design models as well as automated software design reviews. A security...

3.1CVSS6.5AI score0.00665EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/15 12:0 a.m.6 views

IBM Rational Rhapsody Design Manager HTML Injection Vulnerability

IBM Rational Rhapsody Design Manager is a set of collaborative design management software from IBM in the United States. IBM Rational Rhapsody Design Manager suffers from an HTML injection vulnerability. The vulnerability allows remote attackers to inject malicious script or HTML code, which can ...

5.4CVSS6.7AI score0.00642EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/15 12:0 a.m.5 views

IBM Rational Rhapsody Design Manager Cross-Site Scripting Vulnerability

IBM Rational Rhapsody Design Manager is a suite of collaborative design management software from IBM. The software supports the use of centralized system repositories with Web-based access to store, share, search, and manage design models as well as automated software design reviews. A cross-site...

5.4CVSS6.5AI score0.00538EPSS
Exploits0References1
Prion
Prion
added 2017/03/09 9:59 a.m.22 views

Cross site scripting

Cross-site scripting XSS vulnerability in /admin/moduleinterface.php in CMS Made Simple 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the m1description parameter aka "Design Manager Categories Category Description"...

3.5CVSS5.1AI score0.00607EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2017/03/09 9:59 a.m.20 views

CVE-2017-6555

Cross-site scripting XSS vulnerability in /admin/moduleinterface.php in CMS Made Simple 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the m1description parameter aka "Design Manager Categories Category Description"...

5.4CVSS5.1AI score0.00607EPSS
Exploits1References2
CNVD
CNVD
added 2017/02/22 12:0 a.m.3 views

IBM Rational Rhapsody Design Manager XML External Entity Injection Vulnerability

IBM Rational Rhapsody Design Manager is a Jazz-based platform from IBM that helps systems engineers apply Model-Based Systems Engineering MBSE through SysML to help embedded software developers dismantle engineering silos and collaborate with key stakeholders, such as managers, quality managers,...

8.1CVSS7.3AI score0.01223EPSS
Exploits0References1
OSV
OSV
added 2016/11/30 11:59 a.m.3 views

CVE-2016-3014

Cross-site scripting XSS vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Quality Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Team Concert 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17,...

5.4CVSS5.9AI score0.01324EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2016/11/30 11:59 a.m.2 views

CVE-2016-3014

Cross-site scripting XSS vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Quality Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Team Concert 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17,...

5.4CVSS5.7AI score0.01324EPSS
Exploits0References7
CVE
CVE
added 2016/11/30 11:0 a.m.58 views

CVE-2016-3014

The CVE-2016-3014 entry concerns a Cross-Site Scripting (XSS) vulnerability in IBM Jazz Foundation-based products, including CLM, RDNG, RELM, RTC, RQM, RSA DM, and Rhapsody DM. The issue allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. Affected...

5.4CVSS4.9AI score0.01324EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2016/11/25 8:59 p.m.5 views

CVE-2016-2926

Cross-site scripting XSS vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Team Concert 4.0...

5.4CVSS5.9AI score0.01175EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2016/11/25 3:59 a.m.3 views

CVE-2016-2947

IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Team Concert 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2...

4CVSS5.5AI score0.00826EPSS
Exploits0References3
CVE
CVE
added 2016/11/25 3:38 a.m.61 views

CVE-2016-2986

IBM CVE-2016-2986 affects IBM Jazz-based products in CLM/RQM/RTC/RDNG/RELM/Rhapsody DM (versions 6.0.x prior to fixed 6.0.1 iFix6). The vulnerability is an XSS that lets remote authenticated users inject arbitrary JavaScript/HTML via unspecified vectors, potentially impacting credentials in a tru...

5.4CVSS4.9AI score0.00615EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2016/11/25 3:38 a.m.54 views

CVE-2016-2947

CVE-2016-2947 describes an information disclosure vulnerability in IBM Jazz Foundation products (CLM, RQM, RTC, RDNG, RELM, Rhapsody DM, RSA DM) and related RFPs. The issue affects multiple versions across CLM 4.0–6.0.2, RQM 4.0–4.0.7/5.0–5.0.2/6.0–6.0.2, RTC 4.0–4.0.7/5.0–5.0.2/6.0–6.0.2, RDNG 4...

4CVSS3.2AI score0.00826EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2016/11/24 7:59 p.m.8 views

CVE-2016-2864

Cross-site scripting XSS vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0...

5.4CVSS5.9AI score0.00615EPSS
Exploits0References2
Rows per page
Query Builder