cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-4513,https://securityvulnerability.io/vulnerability/CVE-2019-4513,,IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 164555.,IBM,Security Access Manager For Enterprise Single Sign-on,8.2,HIGH,0.001610000035725534,false,,false,false,false,,,false,false,,2019-08-26T15:15:00.000Z,0
CVE-2017-1732,https://securityvulnerability.io/vulnerability/CVE-2017-1732,,IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 134913.,IBM,Security Access Manager For Enterprise Single Sign-on,4.3,MEDIUM,0.0006799999973736703,false,,false,false,false,,,false,false,,2018-08-17T16:29:00.000Z,0
CVE-2013-5420,https://securityvulnerability.io/vulnerability/CVE-2013-5420,,The IMS server before Ifix 6 in IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) 8.2 allows remote authenticated users to read log files by leveraging helpdesk privileges for a direct request.,IBM,Security Access Manager For Enterprise Single Sign-on,,,0.0009200000204145908,false,,false,false,false,,,false,false,,2013-12-23T22:00:00.000Z,0
CVE-2013-6745,https://securityvulnerability.io/vulnerability/CVE-2013-6745,,Cross-site scripting (XSS) vulnerability in the IMS server before Ifix 6 in IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) 8.2 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an unspecified dynamic web form.,IBM,Security Access Manager For Enterprise Single Sign-on,,,0.0010100000072270632,false,,false,false,false,,,false,false,,2013-12-22T15:00:00.000Z,0
CVE-2013-5421,https://securityvulnerability.io/vulnerability/CVE-2013-5421,,Cross-site scripting (XSS) vulnerability in the IMS server before Ifix 6 in IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) 8.2 allows remote attackers to inject arbitrary web script or HTML via crafted input to an unspecified dynamic web form.,IBM,Security Access Manager For Enterprise Single Sign-on,,,0.0012199999764561653,false,,false,false,false,,,false,false,,2013-12-22T15:00:00.000Z,0