Total
992 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-2019 | 1 Ibm | 1 Security Identity Manager | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Security Identity Manager 6.0.0 Virtual Appliance is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 155265. | |||||
| CVE-2018-1970 | 1 Ibm | 1 Security Access Manager | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Security Identity Manager 7.0.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 153751. | |||||
| CVE-2018-1920 | 1 Ibm | 1 Marketing Platform | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 152855. | |||||
| CVE-2018-1905 | 1 Ibm | 1 Websphere Application Server | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM WebSphere Application Server 9.0.0.0 through 9.0.0.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 152534. | |||||
| CVE-2018-1846 | 1 Ibm | 1 Rational Engineering Lifecycle Manager | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150945. | |||||
| CVE-2018-1844 | 1 Ibm | 1 Filenet Content Manager | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150904. | |||||
| CVE-2018-1835 | 1 Ibm | 1 Daeja Viewone | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Daeja ViewONE Professional, Standard & Virtual 5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150514. | |||||
| CVE-2018-1821 | 1 Ibm | 1 Operational Decision Manager | 2019-10-09 | 6.4 MEDIUM | 9.1 CRITICAL |
| IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150170. | |||||
| CVE-2018-1801 | 1 Ibm | 3 App Connect, Integration Bus, Websphere Message Broker | 2019-10-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13, IBM Integration Bus V9.0.0.0 through V9.0.0.10, and WebSphere Message Broker V8.0.0.0 through V8.0.0.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to consume memory resources. IBM X-Force ID: 149639. | |||||
| CVE-2018-1747 | 1 Ibm | 1 Security Key Lifecycle Manager | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 148428. | |||||
| CVE-2018-1730 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM QRadar SIEM 7.2 and 7.3 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 147709. | |||||
| CVE-2018-1727 | 1 Ibm | 1 Infosphere Information Server | 2019-10-09 | 6.4 MEDIUM | 9.1 CRITICAL |
| IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 147630. | |||||
| CVE-2018-1702 | 1 Ibm | 2 Platform Symphony, Spectrum Symphony | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 146189. | |||||
| CVE-2018-1669 | 1 Ibm | 1 Datapower Gateway | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 - 7.5.0.16, 7.5.1.0 - 7.5.1.15, 7.5.2.0 - 7.5.2.15, and 7.6.0.0 - 7.6.0.8 as well as IBM DataPower Gateway CD 7.7.0.0 - 7.7.1.2 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 144950. | |||||
| CVE-2018-1607 | 1 Ibm | 1 Rational Engineering Lifecycle Manager | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 143797. | |||||
| CVE-2018-1588 | 1 Ibm | 1 Rational Engineering Lifecycle Manager | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6) is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 143501. | |||||
| CVE-2018-1542 | 1 Ibm | 2 Content Foundation, Filenet Content Manager | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1 and 5.5.0 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 142597. | |||||
| CVE-2018-1424 | 1 Ibm | 1 Marketing Platform | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Marketing Platform 9.1.0, 9.1.2, and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 139029. | |||||
| CVE-2018-1421 | 1 Ibm | 1 Datapower Gateway | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM WebSphere DataPower Appliances 7.1, 7.2, 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 139023. | |||||
| CVE-2018-1077 | 1 Redhat | 2 Satellite, Spacewalk | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| Spacewalk 2.6 contains an API which has an XXE flaw allowing for the disclosure of potentially sensitive information from the server. | |||||