Ibm Emptoris Contract Management — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Emptoris Contract Management, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2019-4481 — CVSS 9.8 (critical): IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to SQL injection. A…
CVE-2019-4483 — CVSS 9.8 (critical): IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to SQL injection. A…
CVE-2015-5050 — CVSS 8.8 (high): Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x…
CVE-2015-5042 — CVSS 7.5 (high): IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7…
CVE-2014-3041 — CVSS 6.5 (medium): SQL injection vulnerability in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 iFix 10, 10.0.0.x before 10.0.0.1 iFix 10, 10.0.1.x…
CVE-2014-3040 — CVSS 6.0 (medium): Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 iFix 10, 10.0.0.x before 10.0.0.1…
CVE-2020-4892 — CVSS 5.4 (medium): IBM Emptoris Contract Management 10.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2015-7398 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before…
CVE-2020-4897 — CVSS 5.3 (medium): IBM Emptoris Contract Management and IBM Emptoris Spend Analysis 10.1.0, 10.1.1, and 10.1.3 could allow a remote attacker to obtain…
CVE-2018-1961 — CVSS 5.3 (medium): IBM Emptoris Contract Management 10.0.0 and 10.1.3.0 could disclose sensitive information from detailed information from error messages…
CVE-2019-4308 — CVSS 4.3 (medium): IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and IBM Emptoris Spend Analysis 10.1.0 through…
CVE-2016-6018 — CVSS 4.3 (medium): IBM Emptoris Contract Management 10.0 and 10.1 reveals detailed error messages in certain features that could cause an attacker to gain…
CVE-2019-4484 — CVSS 4.3 (medium): IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and IBM Emptoris Spend Analysis 10.1.0 through…
CVE-2019-4485 — CVSS 4.3 (medium): IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and IBM Emptoris Spend Analysis 10.1.0 through…
CVE-2014-6212 — CVSS 4.0 (medium): The Echo API in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 iFix11, 10.0.0.x before 10.0.0.1 iFix12, 10.0.1.x before 10.0.1.5…
CVE-2014-3034 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 iFix 10, 10.0.0.x before 10.0.0.1 iFix…