NotCVE - vendor:"Ibm" product:"Host On-demand" version:"11.0.5.1"

6 results (0.027 seconds)

CVSS: 6.1EPSS: 0%CPEs: 14EXPL: 0

CVE-2015-5002

https://notcve.org/view.php?id=CVE-2015-5002

18 Jan 2016 — Cross-site scripting (XSS) vulnerability in IBM Host On-Demand 11.0 through 11.0.14 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Vulnerabilidad de XSS en IBM Host On-Demand 11.0 hasta la versión 11.0.14 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de una URL manipulada. • http://www-01.ibm.com/support/docview.wss?uid=swg21973985 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.1EPSS: 3%CPEs: 101EXPL: 1

CVE-2013-4002 – OpenJDK: XML parsing Denial of Service (JAXP, 8017298)

https://notcve.org/view.php?id=CVE-2013-4002

23 Jul 2013 — XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute... • https://github.com/tafamace/CVE-2013-4002 • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: 44%CPEs: 128EXPL: 0

CVE-2012-4821 – JDK: getDeclaredMethods() and setAccessible() code execution

https://notcve.org/view.php?id=CVE-2012-4821

11 Jan 2013 — Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote... • http://rhn.redhat.com/errata/RHSA-2012-1467.html •

CVSS: 9.8EPSS: 86%CPEs: 128EXPL: 0

CVE-2012-4823 – JDK: java.lang.ClassLoder defineClass() code execution

https://notcve.org/view.php?id=CVE-2012-4823

11 Jan 2013 — Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers... • http://rhn.redhat.com/errata/RHSA-2012-1466.html •

CVSS: 9.8EPSS: 20%CPEs: 128EXPL: 0

CVE-2012-4820 – JDK: java.lang.reflect.Method invoke() code execution

https://notcve.org/view.php?id=CVE-2012-4820

11 Jan 2013 — Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a se... • http://rhn.redhat.com/errata/RHSA-2012-1465.html •

CVSS: 9.8EPSS: 87%CPEs: 128EXPL: 0

CVE-2012-4822 – JDK: java.lang.class code execution

https://notcve.org/view.php?id=CVE-2012-4822