605 matches found
CVE-2017-1609
IBM Quality Manager RQM 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (JSSE)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
CVE-2018-1691
IBM Rational Quality Manager RQM 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
CVE-2018-1605
IBM Rational Quality Manager RQM 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (JSSE)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
xunfeng Command Injection Vulnerability
xunfeng is a rapid vulnerability response and asset scanning system for enterprise intranets. A command injection vulnerability exists in xunfeng version 0.2.0, which stems from the failure of the masscan.py file to properly handle backquote characters and can be exploited by an attacker to execu...
IBM Rational DOORS Next Generation Cross-Site Scripting Vulnerability
IBM Rational DOORS Next Generation DNG/RRC is a suite of software for capturing, tracking, analyzing, and managing requirements from IBM, USA. The software provides a single platform for global team collaboration to manage requirements more efficiently, sharing unified users, servers and project...
UBUNTU-CVE-2018-14395
libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service application crash caused by a divide-by-zero error with a user crafted audio file when converting to the MOV audio format...
IBM Rational Quality Manager Cross-Site Scripting Vulnerability (CNVD-2018-13752)
IBM Rational Quality Manager RQM is a collaborative, Web-based quality management solution from IBM. The program provides test planning and test evaluation management methods within the entire software development lifecycle, and the ability to share information, automation to accelerate the proje...
CVE-2018-1255
RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains a reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to a...
IBM DOORS Next Generation Cross-Site Scripting Vulnerability (CNVD-2018-12868)
IBM DOORS Next Generation DNG/RRC is a suite of software for capturing, tracking, analyzing, and managing requirements from IBM in the United States. The software provides a single platform for global team collaboration to manage requirements more efficiently and share unified user, server and...
IBM RQM/RCLM Cross-Site Scripting Vulnerability (CNVD-2018-12619)
IBM Rational Quality Manager is a Web-based collaborative quality management solution.IBM Rational Collaborative Lifecycle Management is an application lifecycle management solution. A cross-site scripting vulnerability exists in the implementation of IBM Rational Quality Manager and IBM Rational...
IBM RQM/RCLM Cross-Site Scripting Vulnerability (CNVD-2018-12633)
IBM Rational Quality Manager is a Web-based collaborative quality management solution.IBM Rational Collaborative Lifecycle Management is an application lifecycle management solution. A cross-site scripting vulnerability exists in the implementation of IBM Rational Quality Manager and IBM Rational...
IBM RQM/RCLM Information Disclosure Vulnerability
IBM Rational Quality Manager is a Web-based collaborative quality management solution.IBM Rational Collaborative Lifecycle Management is an application lifecycle management solution. IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management versions 5.0-5.0.2 and 6.0-6.0.5...
CVE-2017-1281
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially...
CVE-2017-1316
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially...
IBM Rhapsody Design Manager Information Disclosure Vulnerability
IBM Rhapsody Design Manager DM is a suite of collaborative design management software from IBM. The software supports the use of centralized system repositories with Web-based access to store, share, search, and manage design models, as well as software to automate design reviews. A security...
Exiv2 'readHeader' Function Denial of Service Vulnerability
Exiv2 is a set of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel, which provides fast and easy reading and writing of image metadata in a variety of EXIF, IPTC and XMP formats. A security vulnerability exists in the 'readHeader' functi...
Django Information Disclosure Vulnerability (CNVD-2018-04846)
Django is a set of Django Software Foundation based on the Python language open source Web application framework. The framework includes object-oriented mapper , view system , template system and so on. A security vulnerability exists in django.contrib.auth.forms.AuthenticationForm in Django...
IBM Tealeaf Customer Experience Session Vulnerability
IBM Tealeaf Customer Experience is a SaaS Software-as-a-Service based analytics solution for web and mobile applications from IBM, USA. The solution helps clients improve the overall user experience by analyzing and understanding data, and supports the adoption of advanced user interfaces for ric...