Total
46 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3978 | 1 Ibm | 1 Sametime | 2025-04-11 | 5.0 MEDIUM | N/A |
| The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 does not send the appropriate HTTP response headers to prevent unwanted caching by a web browser, which allows remote attackers to obtain sensitive information by leveraging an unattended workstation. | |||||
| CVE-2013-0534 | 1 Ibm | 2 Lotus Sametime, Sametime | 2025-04-11 | 1.9 LOW | N/A |
| The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, and 8.5.2.1, as used in the Lotus Notes client and separately, might allow local users to obtain sensitive information by leveraging the persistence of cleartext password strings within process memory. | |||||
| CVE-2012-3308 | 1 Ibm | 1 Sametime | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Sametime 8.0.2 through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML via an IM chat. | |||||
| CVE-2013-6742 | 1 Ibm | 1 Sametime | 2025-04-11 | 7.5 HIGH | N/A |
| The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 do not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. | |||||
| CVE-2013-6727 | 1 Ibm | 1 Sametime | 2025-04-11 | 5.0 MEDIUM | N/A |
| The Connect client in IBM Sametime 8.5.2 through 8.5.2.1 and 9.0 before HF1 does not properly restrict unsigned Java plugins, which allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2012-3331 | 1 Ibm | 1 Sametime | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Sametime allows remote attackers to obtain sensitive information from the Sametime Log database via a direct request to STLOG.NSF. IBM X-Force ID: 78048. | |||||