Lucene search
+L

173 matches found

OSV
OSV
added 2017/08/29 9:29 p.m.3 views

CVE-2016-2975

IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 113935...

5.4CVSS5.4AI score0.0072EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2017/08/29 9:29 p.m.4 views

CVE-2016-2964

IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error message to a user that is too detailed and may reveal details about the application. IBM X-Force ID: 113813...

5.3CVSS5.5AI score0.01271EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2017/08/29 9:29 p.m.4 views

CVE-2016-2967

IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Sametime away message altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 113848...

5.4CVSS5.1AI score0.0072EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2017/08/29 9:29 p.m.18 views

CVE-2016-2966

IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to enumerate meeting rooms by guessing the meeting room id. IBM X-Force ID: 113847...

4.3CVSS4.4AI score0.01234EPSS
Exploits0References3
Prion
Prion
added 2017/08/29 9:29 p.m.14 views

Information disclosure

IBM Sametime 8.5.2 and 9.0 could store potentially sensitive information from the browser cache locally that could be available to a local user. IBM X-Force ID: 113938...

2.1CVSS5.8AI score0.00319EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2017/08/29 9:29 p.m.21 views

Design/Logic Flaw

IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to enumerate meeting rooms by guessing the meeting room id. IBM X-Force ID: 113847...

4CVSS6.3AI score0.01234EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/08/29 9:29 p.m.5 views

CVE-2016-0358

IBM Sametime 8.5.2 and 9.0 could allow an unauthorized authenticated user to enumerate group chat ID numbers and join meetings that he was not invited to. IBM X-Force ID: 111928...

4.3CVSS5.8AI score0.00962EPSS
Exploits0References3
CVE
CVE
added 2017/08/29 9:0 p.m.52 views

CVE-2016-2974

IBM Sametime Connect versions 8.5.2 and 9.0 contain an information disclosure vulnerability where, after uninstalling the Sametime Rich Client, potentially sensitive information about the Sametime environment and other local users could be exposed. The issue is described across multiple sources (...

3.3CVSS3.6AI score0.00339EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/08/29 9:0 p.m.27 views

CVE-2016-2975

IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 113935...

5.2AI score0.0072EPSS
Exploits0References3
OSV
OSV
added 2017/08/29 6:29 p.m.2 views

CVE-2016-2965

IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious link, a remote attacker could force the user to log out of Sametime. IBM X-Force ID: 113846...

6.5CVSS5.7AI score0.00796EPSS
Exploits0References4
OSV
OSV
added 2017/08/29 6:29 p.m.2 views

CVE-2016-2977

IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a malicious user to lower other users hands in the meeting. IBM X-Force ID: 113937...

4.3CVSS5.8AI score0.00939EPSS
Exploits0References4
Prion
Prion
added 2017/08/29 6:29 p.m.14 views

Design/Logic Flaw

IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of the Sametime Meetings user in the local cache of their browser which could be accessed by a local user. IBM X-Force ID: 113855...

2.1CVSS6.3AI score0.00345EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2017/08/29 6:29 p.m.18 views

Design/Logic Flaw

IBM Sametime Meeting Server 8.5.2 and 9.0 could allow an authenticated and invited user of Sametime meeting to lower any or all hands in an e-meeting, thus spoofing results of votes in the meeting. IBM X-Force ID: 113803...

4CVSS6.3AI score0.00676EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/08/29 6:29 p.m.6 views

CVE-2016-2971

IBM Sametime Media Services 8.5.2 and 9.0 can disclose sensitive information in stack trace error logs that could aid an attacker in future attacks. IBM X-Force ID: 113898...

5.3CVSS5.7AI score0.01329EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2017/08/29 6:29 p.m.1 views

CVE-2016-2973

IBM Sametime Media Services 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 113899...

5.4CVSS5.1AI score0.00754EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2017/08/29 6:29 p.m.15 views

Cross site request forgery (csrf)

IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-site request forgery. IBM X-Force ID: 111894...

4CVSS6.2AI score0.00712EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2017/08/29 6:29 p.m.7 views

CVE-2016-2959

IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting room manager to remove the primary managers privileges. IBM X-Force ID: 113804...

4.3CVSS5.8AI score0.00939EPSS
Exploits0References4
OSV
OSV
added 2017/08/29 6:29 p.m.6 views

CVE-2016-2973

IBM Sametime Media Services 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 113899...

5.4CVSS5.4AI score0.00754EPSS
Exploits0References4
Prion
Prion
added 2017/08/29 6:29 p.m.15 views

Cross site request forgery (csrf)

IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-site request forgery. IBM X-Force ID: 111895...

4CVSS6.2AI score0.00712EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2017/08/29 6:0 p.m.45 views

CVE-2016-2965

CVE-2016-2965 affects IBM Sametime Meeting Server versions 8.5.2 and 9.0. The issue is a cross-site request forgery (CSRF) caused by improper validation of user-supplied input. By convincing a user to visit a malicious link, an attacker could force the user to log out of Sametime. Multiple source...

6.5CVSS6.2AI score0.00796EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder