Filtered by vendor Ibm
Subscriptions
Filtered by product Tivoli Netcool\/omnibus
Subscriptions
Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-4196 | 1 Ibm | 1 Tivoli Netcool\/omnibus | 2024-09-17 | 5.4 Medium |
| IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174907. | ||||
| CVE-2020-4199 | 1 Ibm | 1 Tivoli Netcool\/omnibus | 2024-09-17 | 4.3 Medium |
| IBM Tivoli Netcool/OMNIbus 8.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 174910. | ||||
| CVE-2020-4197 | 1 Ibm | 1 Tivoli Netcool\/omnibus | 2024-09-16 | 2.4 Low |
| IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174908. | ||||
| CVE-2020-4198 | 1 Ibm | 1 Tivoli Netcool\/omnibus | 2024-09-16 | 5.4 Medium |
| IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174909. | ||||
| CVE-2011-1343 | 1 Ibm | 1 Tivoli Netcool\/omnibus | 2024-08-06 | N/A |
| SQL injection vulnerability in the Web GUI in IBM Tivoli Netcool/OMNIbus before 7.3.0.4 allows remote attackers to execute arbitrary SQL commands via "dynamic SQL parameters." | ||||
| CVE-2014-3032 | 1 Ibm | 1 Tivoli Netcool\/omnibus | 2024-08-06 | N/A |
| Cross-site scripting (XSS) vulnerability in the Web GUI in IBM Tivoli Netcool/OMNIbus 7.3.0 before 7.3.0.6, 7.3.1 before 7.3.1.7, and 7.4.0 before 7.4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2014-0942 | 1 Ibm | 1 Tivoli Netcool\/omnibus | 2024-08-06 | N/A |
| Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventViewer.jsp in the Web GUI in IBM Netcool/OMNIbus 7.4.0 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-0941. | ||||
| CVE-2014-0941 | 1 Ibm | 1 Tivoli Netcool\/omnibus | 2024-08-06 | N/A |
| Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventViewer.jsp in the Web GUI in IBM Netcool/OMNIbus 7.4.0 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-0942. | ||||
Page 1 of 1.