Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2017
CVE-2016-6001
IBM Forms Experience Builder could be susceptible to a server-side request forgery (SSRF) from the application design interface allowing for some information disclosure of internal resources.
CVSS Score
3.1
EPSS Score
0.001
Published
2017-02-01
CVE-2016-6068
IBM UrbanCode Deploy could allow an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-02-01
CVE-2016-6110
IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user.
CVSS Score
6.5
EPSS Score
0.001
Published
2017-02-01
CVE-2016-6115
IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash.
CVSS Score
7.2
EPSS Score
0.031
Published
2017-02-01
CVE-2016-8919
IBM WebSphere Application Server may be vulnerable to a denial of service, caused by allowing serialized objects from untrusted sources to run and cause the consumption of resources.
CVSS Score
7.5
EPSS Score
0.009
Published
2017-02-01
CVE-2016-8928
IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVSS Score
7.6
EPSS Score
0.004
Published
2017-02-01
CVE-2016-8929
IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVSS Score
5.4
EPSS Score
0.003
Published
2017-02-01
CVE-2016-8930
IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVSS Score
7.6
EPSS Score
0.004
Published
2017-02-01
CVE-2016-8931
IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
CVSS Score
8.8
EPSS Score
0.023
Published
2017-02-01
CVE-2016-8932
IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
CVSS Score
8.8
EPSS Score
0.023
Published
2017-02-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved