Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2016
CVE-2015-7421
Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7420.
CVSS Score
3.7
EPSS Score
0.003
Published
2016-01-01
CVE-2015-7420
Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7421.
CVSS Score
3.7
EPSS Score
0.004
Published
2016-01-01
CVE-2015-7415
Multiple cross-site scripting (XSS) vulnerabilities in IBM UrbanCode Deploy 6.0 before 6.0.1.12, 6.1 before 6.1.3.2, and 6.2 before 6.2.0.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVSS Score
5.4
EPSS Score
0.002
Published
2016-01-01
CVE-2015-7410
The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors.
CVSS Score
7.4
EPSS Score
0.002
Published
2016-01-01
CVE-2015-5049
SQL injection vulnerability in the API in IBM OpenPages GRC Platform 7.0 before 7.0.0.4 IF3 and 7.1 before 7.1.0.1 IF6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
5.4
EPSS Score
0.001
Published
2016-01-01
CVE-2015-4943
IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to cause a denial of service (MQXR service crash) via a series of connect and disconnect actions, a different vulnerability than CVE-2015-4942.
CVSS Score
5.3
EPSS Score
0.006
Published
2016-01-01
CVE-2015-4941
IBM WebSphere MQ Light 1.x before 1.0.2 mishandles abbreviated TLS handshakes, which allows remote attackers to cause a denial of service (MQXR service crash) via unspecified vectors.
CVSS Score
5.3
EPSS Score
0.006
Published
2016-01-01
CVE-2015-7489
IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses weak permissions (Everyone: Write) for Python scripts, which allows local users to gain privileges by modifying a script.
CVSS Score
7.8
EPSS Score
0.0
Published
2016-01-01
CVE-2015-7441
Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and Business Process Manager Advanced 7.5 through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.2, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.2 does not properly use SSL for its HTTPS connection, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.002
Published
2016-01-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved