Filtered by vendor Ibm
Subscriptions
Filtered by product Engineering Requirements Management Doors
Subscriptions
Total
13 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-1567 | 1 Ibm | 1 Engineering Requirements Management Doors | 2025-02-05 | N/A |
| IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131769. | ||||
| CVE-2017-1532 | 1 Ibm | 1 Engineering Requirements Management Doors | 2025-02-05 | N/A |
| IBM DOORS 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130411. | ||||
| CVE-2017-1540 | 1 Ibm | 1 Engineering Requirements Management Doors | 2025-02-05 | N/A |
| IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130808. | ||||
| CVE-2017-1545 | 1 Ibm | 1 Engineering Requirements Management Doors | 2025-02-05 | N/A |
| IBM Doors Web Access 9.5 and 9.6 could allow an attacker with physical access to the system to log into the application using previously stored credentials. IBM X-Force ID: 130914. | ||||
| CVE-2017-1563 | 1 Ibm | 1 Engineering Requirements Management Doors | 2025-02-05 | N/A |
| IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131763. | ||||
| CVE-2018-1457 | 3 Ibm, Linux, Microsoft | 3 Engineering Requirements Management Doors, Linux Kernel, Windows | 2025-02-05 | 9.8 Critical |
| An undisclosed vulnerability in IBM Rational DOORS 9.5.1 through 9.6.1.10 application allows an attacker to gain DOORS administrator privileges. IBM X-Force ID: 140208. | ||||
| CVE-2017-1515 | 1 Ibm | 1 Engineering Requirements Management Doors | 2025-02-05 | N/A |
| IBM Doors Web Access 9.5 and 9.6 could allow an authenticated user to obtain sensitive information from HTTP internal server error responses. IBM X-Force ID: 129825. | ||||
| CVE-2017-1516 | 1 Ibm | 1 Engineering Requirements Management Doors | 2025-02-05 | N/A |
| IBM Doors Web Access 9.5 and 9.6 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 129826. | ||||
| CVE-2024-41787 | 1 Ibm | 1 Engineering Requirements Management Doors | 2025-01-10 | 9.8 Critical |
| IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 could allow a remote attacker to bypass security restrictions, caused by a race condition. By sending a specially crafted request, an attacker could exploit this vulnerability to remotely execute code. | ||||
| CVE-2023-50305 | 1 Ibm | 2 Engineering Requirements Management Doors, Engineering Requirements Management Doors Web Access | 2024-11-21 | 5.1 Medium |
| IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 273336. | ||||
| CVE-2023-50304 | 1 Ibm | 2 Engineering Requirements Management Doors, Engineering Requirements Management Doors Web Access | 2024-11-21 | 7.1 High |
| IBM Engineering Requirements Management DOORS Web Access 9.7.2.8 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 273335. | ||||
| CVE-2023-28949 | 1 Ibm | 2 Engineering Requirements Management Doors, Engineering Requirements Management Doors Web Access | 2024-11-21 | 6.5 Medium |
| IBM Engineering Requirements Management DOORS 9.7.2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 251216. | ||||
| CVE-2023-28525 | 1 Ibm | 2 Engineering Requirements Management Doors, Engineering Requirements Management Doors Web Access | 2024-11-21 | 4.8 Medium |
| IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 251052. | ||||
Page 1 of 1.