Lucene search
+L

96 matches found

CVE
CVE
added 2012/09/10 5:0 p.m.51 views

CVE-2012-3326

Summary: CVE-2012-3326 is a Cross-Site Scripting (XSS) vulnerability affecting IBM Maximo Asset Management 7.5 and related products (SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, CCMDB). The issue arises in the web interface allowing...

4.3CVSS5.8AI score0.01161EPSS
Exploits0References4Affected Software6
CVE
CVE
added 2012/09/10 5:0 p.m.56 views

CVE-2012-2183

IBM’s advisory confirms CVE-2012-2183 is a session-fixation vulnerability affecting IBM Maximo Asset Management products (7.5, 7.1, 6.2) and related offerings (SmartCloud Control Desk, Tivoli IT/Service Request Manager, Maximo Service Desk, CCMDB). The issue originates from how web sessions are e...

6.8CVSS6.7AI score0.02021EPSS
Exploits0References5Affected Software6
Cvelist
Cvelist
added 2012/09/10 5:0 p.m.28 views

CVE-2012-0728

SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB, allows remote authenticated users to execute...

7.8AI score0.0104EPSS
Exploits0References4
Cvelist
Cvelist
added 2012/09/10 5:0 p.m.29 views

CVE-2012-0747

SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB, allows remote authenticated users to execute...

7.8AI score0.0104EPSS
Exploits0References5
Cvelist
Cvelist
added 2012/09/10 5:0 p.m.24 views

CVE-2012-0746

Cross-site scripting XSS vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB, allows remote authenticated users to inject...

5.2AI score0.00946EPSS
Exploits0References4
Cvelist
Cvelist
added 2012/09/10 5:0 p.m.31 views

CVE-2012-3326

Cross-site scripting XSS vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database CCMDB, allows remote attackers to inject arbitrary w...

5.7AI score0.01161EPSS
Exploits0References4
NVD
NVD
added 2012/03/13 3:12 a.m.26 views

CVE-2011-1397

Cross-site request forgery CSRF vulnerability in the Labor Reporting page in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM...

6.8CVSS7.1AI score0.01035EPSS
Exploits0References6
Prion
Prion
added 2012/03/13 3:12 a.m.26 views

Code injection

The About option on the Help menu in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management...

4CVSS6.7AI score0.01196EPSS
Exploits0References6Affected Software6
Prion
Prion
added 2012/03/13 3:12 a.m.23 views

Session fixation

IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management Database CCMDB 6.2, 7.1, and 7.2 all...

5CVSS7.1AI score0.02555EPSS
Exploits0References6Affected Software6
Cvelist
Cvelist
added 2012/03/13 1:0 a.m.34 views

CVE-2011-4817

The About option on the Help menu in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management...

6.2AI score0.01196EPSS
Exploits0References6
Cvelist
Cvelist
added 2012/03/13 1:0 a.m.24 views

CVE-2012-0195

Cross-site scripting XSS vulnerability in the Start Center Layout and Configuration component in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service...

5.7AI score0.01929EPSS
Exploits0References6
CVE
CVE
added 2012/03/13 1:0 a.m.60 views

CVE-2011-1397

CVE-2011-1397 is a CSRF vulnerability in IBM Maximo and related products (Asset Management, Essentials, Tivoli AM for IT, Service Request Manager, Maximo Service Desk, CCMDB) affecting 6.2, 7.1, 7.2 and 7.5. Attack could hijack user authentication via the Labor Reporting page. IBM remediation via...

6.8CVSS7.3AI score0.01035EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2012/03/13 1:0 a.m.59 views

CVE-2011-4816

CVE-2011-4816 is a SQL injection vulnerability in the KPI component affecting IBM Maximo Asset Management and Asset Management Essentials (versions 6.2, 7.1, 7.5), IBM Tivoli Asset Management for IT (6.2, 7.1, 7.2), IBM Tivoli Service Request Manager (7.1, 7.2), IBM Maximo Service Desk (6.2), and...

6.5CVSS8AI score0.01677EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2012/03/02 7:55 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Gantt applet viewer in IBM Tivoli Change and Configuration Management Database CCMDB 7.2.1 and IBM ILOG JViews Gantt allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.01135EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2012/03/02 7:0 p.m.23 views

CVE-2012-0715

Cross-site scripting XSS vulnerability in the Gantt applet viewer in IBM Tivoli Change and Configuration Management Database CCMDB 7.2.1 and IBM ILOG JViews Gantt allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.6AI score0.01135EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.34 views

CentOS Update for postgresql84 CESA-2010:0430 centos5 i386

Check for the Version of postgresql84 OpenVAS Vulnerability Test CentOS Update for postgresql84 CESA-2010:0430 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

8.5CVSS9.2AI score0.04081EPSS
Exploits1References2
Rows per page
Query Builder