CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Summary IBM Forms Experience Builder could be susceptible to allowing for a denial of service, cause by an error in Apache POI Libraries Vulnerability Details CVEID: CVE-2014-3574 DESCRIPTION: Apache POI is vulnerable to a denial of service, caused by an XML External Entity Injection XXE error wh...

5.5CVSS0.8AI score0.12569EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2018/06/16 8:7 p.m.•23 views

Security Bulletin: IBM Forms Experience Builder is vulnerable due to Apache Tomcat and Apache Commons FileUpload Vulnerabilities (CVE-2016-3092)

Summary IBM Forms Experience Builder could be susceptible to a denial of service, caused by an error in the Apache Commons FileUpload component. Vulnerability Details CVEID: CVE-2016-3092 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons...

7.8CVSS7.2AI score0.40246EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2018/06/16 8:4 p.m.•19 views

Security Bulletin: IBM Forms Experience Builder could be susceptible to a server-side request forgery (CVE-2016-6001)

Summary IBM Forms Experience Builder could be susceptible to a server-side request forgery SSRF allowing for some information disclosure of internal resources. Vulnerability Details CVEID: CVE-2016-6001 DESCRIPTION: IBM Forms Experience Builder could be susceptible to a server-side request forger...

3.5CVSS0.8AI score0.00138EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2018/06/16 8:3 p.m.•27 views

Security Bulletin: IBM Forms Experience Builder is vulnerable to XML External Entity (XXE) Processing (CVE-2016-0369)

Summary IBM Forms Experience Builder is vulnerable to an XML External Entity processing exposure potentially leading to information disclosure. Vulnerability Details CVEID : CVE-2016-0369 DESCRIPTION : IBM Forms Experience Builder could allow a remote attacker to obtain sensitive information,...

4CVSS5.4AI score0.00112EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2018/06/16 8:3 p.m.•15 views

Security Bulletin: IBM Forms Experience Builder is susceptible to a cross site scripting vulnerability (CVE-2016-0370)

Summary IBM Forms Experience Builder is susceptible to building an application by an administrator that could expose a cross site scripting vulnerability. Vulnerability Details CVEID: CVE-2016-0370 DESCRIPTION: IBM Forms Experience Builder is susceptible to building an application by an...

3.5CVSS4.8AI score0.0016EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2018/06/16 8:2 p.m.•13 views

Security Bulletin: IBM Forms Experience Builder vulnerable to CSRF when configured with non default settings (CVE-2016-2884)

Summary A cross-site request forgery attack is possible when configured with non default settings, caused by improper validation of user-supplied input. Vulnerability Details CVEID: CVE-2016-2884 DESCRIPTION: IBM Forms Experience Builder is vulnerable to cross-site request forgery, when configure...

8CVSS0.6AI score0.00096EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2018/06/16 7:52 p.m.•38 views

Security Bulletin: Vulnerability in JSoup affects IBM Forms Experience Builder (CVE-2015-6748)

Summary A JSoup vulnerablity which allows a remote attacker to exploit a specially-crafted URL to access user authentication credentials was addressed by IBM Forms Experience Builder. Vulnerability Details CVE-ID: CVE-2015-6748 Description: JSoup is vulnerable to cross-site scripting, caused by...

6.1CVSS1AI score0.02044EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2018/06/16 7:52 p.m.•14 views

Security Bulletin: IBM Forms Experience Builder is affected by a Dojo Toolkit vulnerability (CVE-2014-8917)

Summary IBM Forms Experience Builder uses the Dojo Toolkit which has a known cross-site scripting XSS vulnerability. Vulnerability Details CVEID: CVE-2014-8917 DESCRIPTION: IBM Dojo Toolkit is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote...

4.3CVSS0.7AI score0.00449EPSS

Exploits0Affected Software1

Cvelist•added 2018/04/12 9:0 p.m.•14 views

CVE-2014-6169

Cross-site scripting XSS vulnerability in IBM Forms Experience Builder 8.5.0 and 8.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 97777...

5.1AI score0.00154EPSS

Exploits0References2

CVE•added 2018/04/12 9:0 p.m.•35 views

CVE-2014-6169

CVE-2014-6169 affects IBM Forms Experience Builder 8.5.0 and 8.5.1. The issue is a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The connected sources confirm the affected product versions and the XSS nature b...

5.4CVSS5AI score0.00154EPSS

Exploits0References2Affected Software1

Prion•added 2018/02/21 4:29 p.m.•11 views

Xxe

XML external entity XXE vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088...

4CVSS5.8AI score0.00112EPSS

Exploits0References2Affected Software1

OSV•added 2018/02/21 4:29 p.m.•1 views

CVE-2016-0369

2.7CVSS5.8AI score

Exploits0References2

CVE•added 2018/02/21 4:0 p.m.•36 views

CVE-2016-0369

IBM Forms Experience Builder versions 8.5, 8.5.1 and 8.6 are affected by an XML External Entity (XXE) processing vulnerability. The root cause is XXE when processing XML data, which could allow a remote authenticated attacker to obtain sensitive information. The CVSS v3 base score is 2.7 (LOW). R...

4CVSS3.1AI score0.00112EPSS

Exploits0References2Affected Software1

Cvelist•added 2018/02/21 4:0 p.m.•9 views

CVE-2016-0369

3AI score0.00112EPSS

Exploits0References2

NVD•added 2017/02/01 10:59 p.m.•11 views

CVE-2016-6001

IBM Forms Experience Builder could be susceptible to a server-side request forgery SSRF from the application design interface allowing for some information disclosure of internal resources...

3.5CVSS3.6AI score0.00138EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by