Vulnerabilidades en IBM Corporation

288 resultados
Análisis Vexday

O portfólio de vulnerabilidades catalogadas para IBM Corporation totaliza 288 CVEs, com taxa de exploração ativa abaixo da média geral do catálogo — nenhuma entrada consta no CISA KEV e não há registros de severidade crítica ou novas ocorrências nos últimos 90 dias, o que indica estabilidade no volume de exposições recentes. Ainda assim, a presença de 4 CVEs com prova de conceito pública exige atenção contínua, pois facilita a reprodução de ataques por agentes com capacidade técnica limitada. O destaque de maior risco no momento é CVE-2017-1092, que apresenta pontuação EPSS de 0,7577 — valor elevado que sinaliza probabilidade estatisticamente relevante de exploração —, sugerindo que, apesar da ausência de confirmação no KEV, essa vulnerabilidade deve ser tratada como prioridade em processos de remediação e monitoramento.

CVE-2017-1146IBM Content Navigator 2.0.3 and 3.0.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript EPSS 0.5%CVE-2016-5940IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the WebEPSS 0.5%CVE-2016-5980IBM TRIRIGA Application Platform is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code iEPSS 0.5%CVE-2016-9731IBM Business Process Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in thEPSS 0.5%CVE-2016-6123IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavEPSS 0.5%CVE-2016-6056IBM Call Center for Commerce 9.3 and 9.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScripEPSS 0.5%CVE-2017-1160IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.0.x is vulnerable to cross-site scripting. This vulnerability alloEPSS 0.5%CVE-2016-2992IBM Infosphere BigInsights is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the EPSS 0.5%CVE-2016-9693IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download capability that is vulnerable to a set of attacks. Ultimately, an attackeEPSS 0.5%CVE-2016-6084IBM BigFix Platform could allow an attacker on the local network to crash the BES server using a specially crafted XMLSchema request.EPSS 0.5%CVE-2016-5932IBM Connections 4.0, 4.5, 5.0, and 5.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript EPSS 0.5%CVE-2016-9006IBM UrbanCode Deploy 6.1 and 6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code iEPSS 0.5%CVE-2016-0310IBM Connections 5.5 and earlier is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain.EPSS 0.5%CVE-2016-3015IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the WEPSS 0.5%CVE-2016-3031IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the WEPSS 0.5%CVE-2017-1133IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus EPSS 0.5%CVE-2017-1320IBM Tivoli Federated Identity Manager 6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScriEPSS 0.5%CVE-2016-6055IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitraEPSS 0.5%CVE-2016-5888IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript coEPSS 0.5%CVE-2016-6035IBM Rational Quality Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in thEPSS 0.5%