Security
Headlines
HeadlinesLatestCVEs

Tag

#ibm

CVE-2019-4298: IBM Robotic Process Automation privilege escalation CVE-2019-4298 Vulnerability Report

IBM Robotic Process Automation with Automation Anywhere 11 uses a high privileged PostgreSQL account for database access which could allow a local user to perform actions they should not have privileges to execute. IBM X-Force ID: 160764.

CVE
Open in Source
#sql#vulnerability#ibm#postgres
CVE-2019-4299: IBM Robotic Process Automation information disclosure CVE-2019-4299 Vulnerability Report

IBM Robotic Process Automation with Automation Anywhere 11 could allow a local user to obtain highly sensitive information from log files when debugging is enabled. IBM X-Force ID: 160765.

CVE-2019-4249: IBM Rational Collaborative Lifecycle Management cross-site scripting CVE-2019-4249 Vulnerability Report

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 159647.

CVE-2018-1892: IBM Rational Collaborative Lifecycle Management cross-site scripting CVE-2018-1892 Vulnerability Report

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152156.

CVE-2018-1893: IBM Rational Collaborative Lifecycle Management cross-site scripting CVE-2018-1893 Vulnerability Report

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152157.

CVE-2018-1828: IBM Rational Collaborative Lifecycle Management cross-site scripting CVE-2018-1828 Vulnerability Report

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150431.

CVE-2018-1734: IBM Rational Collaborative Lifecycle Management information disclosure CVE-2018-1734 Vulnerability Report

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be used by a malicious user to orchestrate further attacks. IBM X-Force ID: 147838.

CVE-2018-1758: IBM Rational Collaborative Lifecycle Management cross-site scripting CVE-2018-1758 Vulnerability Report

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148605.

CVE-2018-1760: IBM Rational Collaborative Lifecycle Management cross-site scripting CVE-2018-1760 Vulnerability Report

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148614.

CVE-2018-1826: IBM Rational Collaborative Lifecycle Management cross-site scripting CVE-2018-1826 Vulnerability Report

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150429.