CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Ibm: >> Curam Social Program Management >> 6.0.4.6 Security Vulnerabilities

CVE-2016-6111

IBM Curam Social Program Management 6.0 and 7.0 are vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000833.

CVSS Score

9.1

EPSS Score

0.004

Published

2017-03-31

CVE-2014-3096

Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management before 6.0.5.5a allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

CVSS Score

3.5

EPSS Score

0.002

Published

2015-01-10

Page 2

Vulnerabilities

Vulnerable Software

Ibm: >> Curam Social Program Management >> 6.0.4.6 Security Vulnerabilities

Products

Pricing

Contact Us