Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

IBM Security Bulletins
IBM Security Bulletinsadded 2019/04/23 7:30 p.m.17 views

Security Bulletin: Security vulnerability affects the Lifecycle Query Engine (LQE) that is shipped with Jazz Reporting Service (CVE-2019-4047)

Summary There is a security vulnerability in the Lifecycle Query Engine LQE shipped with Jazz Reporting Service. Vulnerability Details CVEID: CVE-2019-4047 DESCRIPTION: IBM Jazz Reporting Service JRS could allow an authenticated user to access the execution log files as a guest user, and obtain t...

4.3CVSS1.4AI score0.00441EPSS
Exploits0Affected Software1
OSV
OSVadded 2016/11/25 8:59 p.m.2 views

CVE-2016-0319

The XML parser in Lifecycle Query Engine LQE in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 allows remote authenticated administrators to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration in conjunction with an entity...

7.5CVSS5.8AI score0.00547EPSS
Exploits0References2
NVD
NVDadded 2016/11/25 8:59 p.m.13 views

CVE-2016-0316

Cross-site scripting XSS vulnerability in Lifecycle Query Engine LQE in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 and 6.0.2 before iFix003 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

5.4CVSS5AI score0.00168EPSS
Exploits0References2
CVE
CVEadded 2016/11/25 8:0 p.m.54 views

CVE-2016-0317

The CVE-2016-0317 issue affects IBM Jazz Reporting Service’s Lifecycle Query Engine (LQE) shipped with Jazz Reporting Service 6.0 and 6.0.1 (prior to 6.0.1 iFix006). The vulnerability enables remote attackers to hijack click actions (clickjacking) via unspecified vectors. The IBM advisory groups ...

6.5CVSS6.4AI score0.00212EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2016/11/25 8:0 p.m.17 views

CVE-2016-0317

Lifecycle Query Engine LQE in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 allows remote attackers to conduct clickjacking attacks via unspecified vectors...

6.3AI score0.00212EPSS
Exploits0References2
CVE
CVEadded 2016/11/25 8:0 p.m.45 views

CVE-2016-0316

IBM Jazz Reporting Service’s Lifecycle Query Engine (LQE) is affected by CVE-2016-0316 (XSS). Affected products: Jazz Reporting Service 6.0 and 6.0.1; 6.0.1 is vulnerable to all listed issues, while 6.0.2 is affected by CVE-2016-0316. The vulnerability arises from improper validation of user-supp...

5.4CVSS5.3AI score0.00168EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2016/11/25 8:0 p.m.47 views

CVE-2016-0319

CVE-2016-0319 affects IBM Jazz Reporting Service (LQE) bundled with Jazz Reporting Service versions 6.0 and 6.0.1. The issue arises in the XML parser when processing XML data: an external entity declaration together with an entity reference enables a local authenticated administrator to read arbi...

7.5CVSS7.2AI score0.00547EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder