threat
engine
.sh
Back
·
··:··
Home
/
Product
/
ibm rational engineering lifecycle manager
Product
ibm rational engineering lifecycle manager
141 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2021-29844
all versions
IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to sen
8.8
HIGH
CVE-2021-29786
all versions
IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user. IBM X-Force ID: 20
6.5
MEDIUM
CVE-2021-29774
all versions
IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations. IBM X-
7.5
HIGH
CVE-2021-29713
all versions
IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScrip
5.4
MEDIUM
CVE-2021-29673
all versions
IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScrip
5.4
MEDIUM
CVE-2020-5004
all versions
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4974
all versions
IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to sen
6.3
MEDIUM
CVE-2021-20507
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2020-5031
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2021-29670
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2021-29668
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2021-20371
all versions
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to obtain sensitive information when an error messa
6.5
MEDIUM
CVE-2021-20348
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20347
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20346
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20345
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20343
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery (SSRF). This may allow an authentic
5.4
MEDIUM
CVE-2021-20338
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2020-5030
all versions
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2020-4977
all versions
IBM Engineering Lifecycle Optimization - Publishing is vulnerable to stored cross-site scripting. This vulnerability allows users
5.4
MEDIUM
CVE-2020-4732
all versions
IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to obtain sensitive information due to lack of
6.5
MEDIUM
CVE-2020-4495
all versions
IBM Jazz Foundation and IBM Engineering products could allow a remote attacker to bypass security restrictions, caused by improper
8.8
HIGH
CVE-2021-20519
all versions
IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScrip
5.4
MEDIUM
CVE-2020-4965
all versions
IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sen
7.5
HIGH
CVE-2020-4964
all versions
IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized
4.3
MEDIUM
CVE-2020-4920
all versions
IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary Ja
5.4
MEDIUM
CVE-2021-20520
all versions
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2021-20518
all versions
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2021-20506
all versions
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2021-20504
all versions
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2021-20503
all versions
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2021-20502
all versions
IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote at
7.1
HIGH
CVE-2021-20447
all versions
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2021-20352
all versions
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2021-20357
all versions
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4865
all versions
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4855
all versions
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4547
all versions
IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to
5.4
MEDIUM
CVE-2020-4524
all versions
IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4733
all versions
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4697
all versions
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4691
all versions
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2020-4544
all versions
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message
4.3
MEDIUM
CVE-2020-4487
all versions
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message
4.3
MEDIUM
CVE-2020-4546
all versions
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary
5.4
MEDIUM
CVE-2020-4522
all versions
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary
5.4
MEDIUM
CVE-2020-4445
all versions
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary
5.4
MEDIUM
CVE-2019-4252
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the s
7.5
HIGH
CVE-2019-4250
>= 6.0 and <= 6.0.6.1
IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scr
5.4
MEDIUM
CVE-2019-4249
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo
5.4
MEDIUM
CVE-2019-4084
>= 6.0 and <= 6.0.6.1
IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) could allow an authenticated us
4.3
MEDIUM
CVE-2019-4083
>= 6.0 and <= 6.0.6.1
IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scr
5.4
MEDIUM
CVE-2018-1893
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo
5.4
MEDIUM
CVE-2018-1892
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo
5.4
MEDIUM
CVE-2018-1828
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo
5.4
MEDIUM
CVE-2018-1827
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo
5.4
MEDIUM
CVE-2018-1826
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo
5.4
MEDIUM
CVE-2018-1760
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo
5.4
MEDIUM
CVE-2018-1758
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allo
5.4
MEDIUM
CVE-2018-1734
>= 6.0 and <= 6.0.6.1
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be
4.3
MEDIUM
CVE-2018-1608
>= 6.0 and <= 6.0.6
IBM Rational Engineering Lifecycle Manager 6.0 through 6.0.6 uses weaker than expected cryptographic algorithms that could allow a
5.9
MEDIUM
CVE-2018-1952
>= 5.0 and <= 6.0.6
IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This vul
5.4
MEDIUM
CVE-2018-1929
>= 5.0 and <= 5.0.2
IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 could allow a malicious user to be allowed to view any view if he kno
4.3
MEDIUM
CVE-2018-1916
>= 5.0 and <= 6.0.6
IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This vul
5.4
MEDIUM
CVE-2018-1914
>= 5.0 and <= 6.0.6
IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows user
5.4
MEDIUM
CVE-2018-1910
>= 5.0 and <= 6.0.6
IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows user
5.4
MEDIUM
CVE-2018-1688
>= 5.0 and <= 6.0.6
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 through 6.0.6) is vulnerable to cross-site scripting. Thi
5.4
MEDIUM
CVE-2018-1762
>= 5.0.0 and <= 5.0.2
IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. Th
5.4
MEDIUM
CVE-2018-1694
>= 5.0.0 and <= 5.0.2
IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS
5.9
MEDIUM
CVE-2018-1606
>= 5.0.0 and <= 5.0.2
IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational
4.3
MEDIUM
CVE-2018-1846
>= 5.0 and <= 5.0.2
IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to a XML External Entity Injecti
7.1
HIGH
CVE-2018-1558
>= 5.0 and <= 5.0.2
IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. Thi
5.4
MEDIUM
CVE-2018-1659
>= 5.0 and <= 5.0.2
IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vuln
5.4
MEDIUM
CVE-2018-1607
>= 5.0 and <= 5.0.2
IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to a XML External Entity Injection
7.1
HIGH
CVE-2018-1588
>= 5.0 and <= 5.0.2
IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6) is vulnerable to a XML Ext
7.1
HIGH
CVE-2018-1560
>= 5.0 and <= 5.0.2
IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vuln
5.4
MEDIUM
CVE-2018-1539
>= 5.0.0 and <= 5.0.2
IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 could allow remote attackers to bypass authentic
5.4
MEDIUM
CVE-2018-1394
>= 5.0.0 and <= 5.0.2
Multiple IBM Rational products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScri
5.4
MEDIUM
CVE-2017-1753
>= 5.0.0 and <= 5.0.2
Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when vi
5.4
MEDIUM
CVE-2018-1492
>= 5.0 and <= 5.0.2
IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's f
4.3
MEDIUM
CVE-2018-1423
>= 5.0 and <= 5.0.2
IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attac
4.3
MEDIUM
CVE-2017-1559
>= 6.0.0 and <= 6.0.5
Multiple IBM Rational products could disclose sensitive information by an attacker that intercepts vulnerable requests. IBM X-Forc
3.1
LOW
CVE-2017-1509
>= 6.0.0 and <= 6.0.5
IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be us
4.3
MEDIUM
CVE-2017-1488
>= 6.0.0 and <= 6.0.5
An undisclosed vulnerability in Jazz common products exists with potential for information disclosure. IBM X-Force ID: 128627.
3.7
LOW
CVE-2017-1237
>= 6.0.0 and <= 6.0.5
IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2017-1734
>= 5.0 and <= 5.0.2
IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next
4.3
MEDIUM
CVE-2017-1725
>= 5.0 and <= 5.0.2
IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next
4.3
MEDIUM
CVE-2017-1700
>= 5.0 and <= 5.0.2
IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next
6.5
MEDIUM
CVE-2017-1762
>= 4.0.3 and <= 4.0.7
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vuln
5.4
MEDIUM
CVE-2017-1655
>= 4.0.3 and <= 4.0.7
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vuln
5.4
MEDIUM
CVE-2017-1629
>= 4.0.3 and <= 4.0.7
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vuln
5.4
MEDIUM
CVE-2017-1602
>= 4.0.3 and <= 4.0.7
IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that
4.3
MEDIUM
CVE-2017-1524
>= 4.0.3 and <= 4.0.7
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to obtain sens
4.3
MEDIUM
CVE-2015-7449
>= 4.0.3 and <= 4.0.7
IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFi
3.3
LOW
CVE-2015-7471
>= 4.0.3 and <= 4.0.7
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Inter
4.8
MEDIUM
CVE-2015-7453
>= 4.0.3 and <= 4.0.7
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Inter
6.1
MEDIUM
CVE-2015-7440
>= 4.0.3 and <= 4.0.7
IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x b
7.8
HIGH
CVE-2017-1653
>= 6.0 and <= 6.0.4
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 6.0.x) is vulnerable to cross-site scripting. This vulnerabil
5.4
MEDIUM
CVE-2016-0219
all versions
XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix
6.5
MEDIUM
CVE-2015-7486
>= 3.0 and <= 3.0.1.6
Cross-site scripting (XSS) vulnerability in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0
5.4
MEDIUM
CVE-2015-7485
>= 3.0 and <= 3.0.1.6
Cross-site scripting (XSS) vulnerability in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0
5.4
MEDIUM
CVE-2015-7484
>= 3.0 and <= 3.0.1.6
IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1 and 4.0 before 4.0.7 iFix10 allow remote authent
4.3
MEDIUM
CVE-2015-7474
>= 3.0 and <= 3.0.1.6
Cross-site scripting (XSS) vulnerability in Jazz Foundation in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7
5.4
MEDIUM
CVE-2017-1365
>= 4.0.3 and <= 4.0.7
IBM Team Concert (RTC including IBM Rational Collaborative Lifecycle Management 4.0, 5.0., and 6.0) is vulnerable to cross-site sc
5.4
MEDIUM
CVE-2017-1191
>= 4.0.3 and <= 4.0.7
An undisclosed vulnerability in CLM applications (including IBM Rational Collaborative Lifecycle Management 4.0, 5.0, and 6.0) wit
4.3
MEDIUM
CVE-2017-1507
all versions
IBM Jazz Foundation Products could disclose sensitive information during a scan that could lead to further attacks against the sys
4.3
MEDIUM
CVE-2017-1570
all versions
IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID:
4.3
MEDIUM
CVE-2017-1251
all versions
An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacke
4.3
MEDIUM
CVE-2017-1240
all versions
IBM Rhapsody DM products could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124359.
4.3
MEDIUM
CVE-2016-6024
all versions
IBM Jazz technology based products might divulge information that might be useful in helping attackers through error messages. IBM
4.3
MEDIUM
CVE-2017-1429
all versions
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript co
5.4
MEDIUM
CVE-2017-1369
all versions
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript co
5.4
MEDIUM
CVE-2017-1364
all versions
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript co
5.4
MEDIUM
CVE-2017-1359
all versions
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript co
5.4
MEDIUM
CVE-2017-1335
all versions
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript co
5.4
MEDIUM
CVE-2017-1334
all versions
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript co
5.4
MEDIUM
CVE-2017-1324
all versions
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript co
5.4
MEDIUM
CVE-2017-1168
all versions
IBM Rational Engineering Lifecycle Manager 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows user
5.4
MEDIUM
CVE-2016-9700
all versions
IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. IBM X-F
4.3
MEDIUM
CVE-2016-9747
all versions
IBM RELM 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript cod
5.4
MEDIUM
CVE-2017-1099
all versions
IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions. IB
4.3
MEDIUM
CVE-2016-9973
all versions
IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in t
5.4
MEDIUM
CVE-2016-9735
all versions
IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781,
4.3
MEDIUM
CVE-2016-9707
all versions
IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing X
8.1
HIGH
CVE-2016-2987
all versions
An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacke
4.3
MEDIUM
CVE-2016-3014
all versions
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before
5.4
MEDIUM
CVE-2016-2926
all versions
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.
5.4
MEDIUM
CVE-2016-2986
all versions
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 6.x before 6.0.1 iFix6, Rational Quali
5.4
MEDIUM
CVE-2016-2947
all versions
IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rati
2.7
LOW
CVE-2016-2864
all versions
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7
5.4
MEDIUM
CVE-2016-0372
all versions
IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 be
3.7
LOW
CVE-2016-0284
all versions
The XML parser in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2
5.4
MEDIUM
CVE-2016-0273
all versions
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7
5.4
MEDIUM
CVE-2015-4962
all versions
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x bef
3.5
LOW
CVE-2015-4946
all versions
Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x
3.3
LOW
CVE-2015-1971
all versions
Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and
4.3
MEDIUM
CVE-2015-1928
all versions
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x bef
6.8
MEDIUM
CVE-2015-0112
all versions
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x
CVE-2015-0113
all versions
The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.
CVE-2014-3092
all versions
IBM Jazz Team Server, as used in Rational Collaborative Lifecycle Management; Rational Quality Manager 3.x before 3.0.1.6 iFix 3,
CVE-2014-3037
<= 4.06
Cross-site request forgery (CSRF) vulnerability in IBM Configuration Management Application (aka VVC) in IBM Rational Engineering
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin