threat
engine
.sh
Back
·
··:··
Home
/
Product
/
ibm rational doors next generation
Product
ibm rational doors next generation
153 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2021-29844
all versions
IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to sen
8.8
HIGH
CVE-2021-29786
all versions
IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. IBM X-Force ID: 20
6.5
MEDIUM
CVE-2021-29774
all versions
IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations. IBM X-
7.5
HIGH
CVE-2021-29713
all versions
IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScrip
5.4
MEDIUM
CVE-2021-29673
all versions
IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScrip
5.4
MEDIUM
CVE-2020-5004
all versions
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4974
all versions
IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to sen
6.3
MEDIUM
CVE-2021-20507
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2020-5031
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2021-29670
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2021-29668
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2021-20371
all versions
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain sensitive information when an error messa
6.5
MEDIUM
CVE-2021-20348
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20347
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20346
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20345
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20343
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20338
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2020-5030
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2020-4977
all versions
IBM Engineering Lifecycle Optimization - Publishing is vulnerable to stored cross-site scripting. This vulnerability allows users
5.4
MEDIUM
CVE-2020-4732
all versions
IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to obtain sensitive information due to lack of
6.5
MEDIUM
CVE-2020-4495
all versions
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to bypass security restrictions, caused by improper
8.8
HIGH
CVE-2021-20351
all versions
IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript cod
5.4
MEDIUM
CVE-2021-20350
all versions
IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript cod
5.4
MEDIUM
CVE-2021-20340
all versions
IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript cod
5.4
MEDIUM
CVE-2020-4975
all versions
IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript cod
5.4
MEDIUM
CVE-2020-4866
all versions
IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript cod
5.4
MEDIUM
CVE-2020-4863
all versions
IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScr
5.4
MEDIUM
CVE-2020-4857
all versions
IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScr
5.4
MEDIUM
CVE-2020-4856
all versions
IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScr
5.4
MEDIUM
CVE-2020-4733
all versions
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4697
all versions
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4691
all versions
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4544
all versions
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message
4.3
MEDIUM
CVE-2020-4487
all versions
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message
4.3
MEDIUM
CVE-2020-4546
all versions
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary
5.4
MEDIUM
CVE-2020-4522
all versions
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary
5.4
MEDIUM
CVE-2020-4445
all versions
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary
5.4
MEDIUM
CVE-2019-4748
all versions
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary
5.4
MEDIUM
CVE-2020-4297
all versions
IBM DOORS Next Generation (DNG/RRC) 6.0.2, 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allow
5.4
MEDIUM
CVE-2020-4295
all versions
IBM DOORS Next Generation (DNG/RRC) 6.0.2, 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allow
5.4
MEDIUM
CVE-2020-4281
all versions
IBM DOORS Next Generation (DNG/RRC) 6.0.2, 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allow
5.4
MEDIUM
CVE-2020-4252
all versions
IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulnerable to cross-site scripting. This vulnerability allows user
5.4
MEDIUM
CVE-2019-4746
all versions
IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulnerable to cross-site scripting. This vulnerability allows user
5.4
MEDIUM
CVE-2019-4740
all versions
IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulnerable to cross-site scripting. This vulnerability allows user
5.4
MEDIUM
CVE-2019-4737
all versions
IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulnerable to cross-site scripting. This vulnerability allows user
5.4
MEDIUM
CVE-2019-4252
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the s
7.5
HIGH
CVE-2019-4250
>= 6.0 and <= 6.0.6.1
IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scr
5.4
MEDIUM
CVE-2019-4249
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo
5.4
MEDIUM
CVE-2019-4084
>= 6.0 and <= 6.0.6.1
IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) could allow an authenticated us
4.3
MEDIUM
CVE-2019-4083
>= 6.0 and <= 6.0.6.1
IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scr
5.4
MEDIUM
CVE-2018-1893
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo
5.4
MEDIUM
CVE-2018-1892
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo
5.4
MEDIUM
CVE-2018-1828
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo
5.4
MEDIUM
CVE-2018-1827
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo
5.4
MEDIUM
CVE-2018-1826
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo
5.4
MEDIUM
CVE-2018-1760
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo
5.4
MEDIUM
CVE-2018-1758
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo
5.4
MEDIUM
CVE-2018-1734
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be
4.3
MEDIUM
CVE-2018-1952
>= 5.0 and <= 6.0.6
IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This vul
5.4
MEDIUM
CVE-2018-1916
>= 5.0 and <= 6.0.6
IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This vul
5.4
MEDIUM
CVE-2018-1688
>= 5.0 and <= 6.0.6
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 through 6.0.6) is vulnerable to cross-site scripting. Thi
5.4
MEDIUM
CVE-2018-1912
>= 6.0.2 and <= 6.0.6
IBM DOORS Next Generation (DNG/RRC) 6.0.2 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to
5.4
MEDIUM
CVE-2018-1911
>= 5.0.0 and <= 5.0.2
IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerabil
5.4
MEDIUM
CVE-2018-1762
>= 5.0.0 and <= 5.0.2
IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. Th
5.4
MEDIUM
CVE-2018-1694
>= 5.0.0 and <= 5.0.2
IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS
5.9
MEDIUM
CVE-2018-1606
>= 5.0.0 and <= 5.0.2
IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational
4.3
MEDIUM
CVE-2018-1558
>= 5.0 and <= 5.0.2
IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. Thi
5.4
MEDIUM
CVE-2018-1610
>= 5.0 and <= 5.0.2
IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerabil
5.4
MEDIUM
CVE-2018-1394
>= 5.0.0 and <= 5.0.2
Multiple IBM Rational products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScri
5.4
MEDIUM
CVE-2017-1753
>= 5.0.0 and <= 5.0.2
Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when vi
5.4
MEDIUM
CVE-2018-1422
>= 5.0 and <= 5.0.2
IBM Jazz Foundation products (IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.5) are vulnerable to cross-
5.4
MEDIUM
CVE-2018-1529
>= 5.0.0 and <= 5.0.2
IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 a
5.4
MEDIUM
CVE-2018-1492
>= 5.0 and <= 5.0.2
IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's f
4.3
MEDIUM
CVE-2018-1423
>= 5.0 and <= 5.0.2
IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attac
4.3
MEDIUM
CVE-2018-1494
all versions
IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerabil
5.4
MEDIUM
CVE-2017-1559
>= 6.0.0 and <= 6.0.5
Multiple IBM Rational products could disclose sensitive information by an attacker that intercepts vulnerable requests. IBM X-Forc
3.1
LOW
CVE-2017-1509
>= 6.0.0 and <= 6.0.5
IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be us
4.3
MEDIUM
CVE-2017-1488
>= 6.0.0 and <= 6.0.5
An undisclosed vulnerability in Jazz common products exists with potential for information disclosure. IBM X-Force ID: 128627.
3.7
LOW
CVE-2017-1237
>= 6.0.0 and <= 6.0.5
IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2018-1507
all versions
IBM DOORS Next Generation (DNG/RRC) 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrar
5.4
MEDIUM
CVE-2017-1734
>= 5.0 and <= 5.0.2
IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next
4.3
MEDIUM
CVE-2017-1725
>= 5.0 and <= 5.0.2
IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next
4.3
MEDIUM
CVE-2017-1700
>= 5.0 and <= 5.0.2
IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next
6.5
MEDIUM
CVE-2017-1790
all versions
IBM DOORS Next Generation (DNG/RRC) 5.0, 5.0.1, 5.0.2, and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerabi
5.4
MEDIUM
CVE-2017-1762
>= 4.0.1 and <= 4.0.7
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vuln
5.4
MEDIUM
CVE-2017-1655
>= 4.0.1 and <= 4.0.7
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vuln
5.4
MEDIUM
CVE-2017-1629
>= 4.0.1 and <= 4.0.7
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vuln
5.4
MEDIUM
CVE-2017-1602
>= 4.0.1 and <= 4.0.7
IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that
4.3
MEDIUM
CVE-2017-1524
>= 4.0.1 and <= 4.0.7
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to obtain sens
4.3
MEDIUM
CVE-2015-7449
>= 4.0.0 and <= 4.0.7
IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFi
3.3
LOW
CVE-2015-7471
>= 4.0 and <= 4.0.7
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Inter
4.8
MEDIUM
CVE-2015-7453
>= 4.0 and <= 4.0.7
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Inter
6.1
MEDIUM
CVE-2015-7440
>= 4.0 and <= 4.0.7
IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x b
7.8
HIGH
CVE-2017-1653
>= 6.0 and <= 6.0.4
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 6.0.x) is vulnerable to cross-site scripting. This vulnerabil
5.4
MEDIUM
CVE-2016-0219
all versions
XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix
6.5
MEDIUM
CVE-2017-1365
>= 4.0.1 and <= 4.0.7
IBM Team Concert (RTC including IBM Rational Collaborative Lifecycle Management 4.0, 5.0., and 6.0) is vulnerable to cross-site sc
5.4
MEDIUM
CVE-2017-1191
>= 4.0.1 and <= 4.0.7
An undisclosed vulnerability in CLM applications (including IBM Rational Collaborative Lifecycle Management 4.0, 5.0, and 6.0) wit
4.3
MEDIUM
CVE-2017-1546
all versions
IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to e
5.4
MEDIUM
CVE-2017-1507
all versions
IBM Jazz Foundation Products could disclose sensitive information during a scan that could lead to further attacks against the sys
4.3
MEDIUM
CVE-2017-1689
all versions
IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary
5.4
MEDIUM
CVE-2017-1688
all versions
IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary
5.4
MEDIUM
CVE-2017-1678
>= 4.0 and <= 4.0.7
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to em
5.4
MEDIUM
CVE-2017-1650
all versions
IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary
5.4
MEDIUM
CVE-2017-1607
all versions
IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary
5.4
MEDIUM
CVE-2017-1593
>= 4.0 and <= 4.0.7
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to em
5.4
MEDIUM
CVE-2017-1570
all versions
IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID:
4.3
MEDIUM
CVE-2017-1560
>= 4.0 and <= 4.0.7
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to em
5.4
MEDIUM
CVE-2017-1461
>= 4.0 and <= 4.0.7
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to em
5.4
MEDIUM
CVE-2017-1251
all versions
An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacke
4.3
MEDIUM
CVE-2017-1240
all versions
IBM Rhapsody DM products could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124359.
4.3
MEDIUM
CVE-2016-6024
all versions
IBM Jazz technology based products might divulge information that might be useful in helping attackers through error messages. IBM
4.3
MEDIUM
CVE-2017-1338
all versions
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to em
5.4
MEDIUM
CVE-2016-9700
all versions
IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. IBM X-F
4.3
MEDIUM
CVE-2017-1099
all versions
IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions. IB
4.3
MEDIUM
CVE-2016-9973
all versions
IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in t
5.4
MEDIUM
CVE-2017-1278
all versions
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTM
5.4
MEDIUM
CVE-2017-1276
all versions
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to emb
5.4
MEDIUM
CVE-2017-1247
all versions
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to emb
5.4
MEDIUM
CVE-2017-1305
all versions
IBM DOORS Next Generation (DNG/RRC) 6.0.2 and 6.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embe
5.4
MEDIUM
CVE-2016-9735
all versions
IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781,
4.3
MEDIUM
CVE-2016-9707
all versions
IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing X
8.1
HIGH
CVE-2016-6055
all versions
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to emb
5.4
MEDIUM
CVE-2016-6060
all versions
An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project n
4.3
MEDIUM
CVE-2017-1128
all versions
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to emb
5.4
MEDIUM
CVE-2017-1127
all versions
IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embe
5.4
MEDIUM
CVE-2016-9748
all versions
IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for f
4.3
MEDIUM
CVE-2016-2987
all versions
An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacke
4.3
MEDIUM
CVE-2016-3014
all versions
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before
5.4
MEDIUM
CVE-2016-2926
all versions
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.
5.4
MEDIUM
CVE-2016-5955
all versions
Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Generation 6.0.2 before iFix004 allows remote authenticated us
5.4
MEDIUM
CVE-2016-2986
all versions
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 6.x before 6.0.1 iFix6, Rational Quali
5.4
MEDIUM
CVE-2016-2947
all versions
IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rati
2.7
LOW
CVE-2016-2864
all versions
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7
5.4
MEDIUM
CVE-2016-0372
all versions
IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 be
3.7
LOW
CVE-2016-0284
all versions
The XML parser in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2
5.4
MEDIUM
CVE-2016-0273
all versions
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7
5.4
MEDIUM
CVE-2015-4962
all versions
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x bef
3.5
LOW
CVE-2015-4946
all versions
Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x
3.3
LOW
CVE-2015-1971
all versions
Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and
4.3
MEDIUM
CVE-2015-1928
all versions
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x bef
6.8
MEDIUM
CVE-2015-0130
all versions
Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management
CVE-2015-0112
all versions
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x
CVE-2015-0121
all versions
IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through 4.0.7 and Rational DOORS Next Generation (RDNG) 4.0 through
CVE-2015-0113
all versions
The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.
CVE-2015-0132
all versions
The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Compose
CVE-2015-0125
all versions
Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rat
CVE-2014-6131
all versions
IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x
CVE-2014-6129
all versions
IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x
CVE-2014-3092
all versions
IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3,
CVE-2014-0846
all versions
Cross-site scripting (XSS) vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and
CVE-2014-0845
all versions
Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOOR
CVE-2014-0844
all versions
Unspecified vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin