CVE-2024-22361

IBM Semeru Runtime 8.0.302.0 through 8.0.392.0, 11.0.12.0 through 11.0.21.0, 17.0.1.0 - 17.0.9.0, and 21.0.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 281222...

CVE-2022-33159

IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 228567...

CVE-2022-40753

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 236688...

CVE-2021-29774

IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations. IBM X-Force ID: 203025...

CVE-2020-4698

IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentia...

Security Bulletin: IBM API Connect is impacted by a cross-site scripting vulnerability in jQuery (XForce ID 180875)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details Third Party Entry: 180875 DESCRIPTION: jQuery cross-site scripting CVSS Base score: 6.1 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/180875 for the current score. CVSS Vector...

CVE-2019-4292

IBM Security Guardium 10.5 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable web server. IBM X-Force ID: 160698...

CVE-2019-4337

IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker to obtain sensitive information due to missing authentication in Ignite nodes. IBM X-Force ID: 161412...

CVE-2018-1982

IBM Rational Team Concert 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 1541...

CVE-2018-1764

IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

VLC Media Player TiVo Demuxer Double Free Vulnerability (Mac OS X)

This host is installed with VLC Media Player and is prone to double free vulnerability. OpenVAS Vulnerability Test $Id: gbvlcmediaplayerdemuxerdoublefreevulnmacosx.nasl 5988 2017-04-20 09:02:29Z teissa $ VLC Media Player TiVo Demuxer Double Free Vulnerability Mac OS X Authors: Antu Sanadi...

HP SiteScope Cross-Site Scripting and Session Fixation Vulnerabilities

This host is running HP SiteScope and is prone to cross-site scripting and session fixation vulnerabilities. OpenVAS Vulnerability Test $Id: gbhpsitescopexssnsessionfixationvuln.nasl 5390 2017-02-21 18:39:27Z mime $ HP SiteScope Cross-Site Scripting and Session Fixation Vulnerabilities Authors:...