Ibm Engineering_requirements_management_doors_next
21 CVEs affecting Ibm Engineering_requirements_management_doors_next. Latest disclosed: 2026-03-03. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-43169 | High | 8.8 | 2025-03-03 | IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a user to download a malicious file without verifying the integrity of the… |
CVE-2024-41771 | High | 7.5 | 2025-03-03 | IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a remote attacker to download temporary files which could expose applicati… |
CVE-2024-41770 | High | 7.5 | 2025-03-03 | IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a remote attacker to download temporary files which could expose applicati… |
CVE-2020-4965 | High | 7.5 | 2021-04-12 | IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-For… |
CVE-2025-33096 | Medium | 6.5 | 2025-10-12 | IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user to cause a denial of service by uploading specially… |
CVE-2025-2140 | Medium | 5.7 | 2025-10-12 | IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to spoof email identity of the sender… |
CVE-2025-13734 | Medium | 5.4 | 2026-03-03 | IBM Engineering Requirements Management DOORS Next 7.1, and 7.2 could allow an authenticated user to view and edit data beyond their authorized access permissi… |
CVE-2021-20519 | Medium | 5.4 | 2021-04-12 | IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alt… |
CVE-2020-4920 | Medium | 5.4 | 2021-04-12 | IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI t… |
CVE-2021-20357 | Medium | 5.4 | 2021-01-27 | IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alter… |
CVE-2020-4865 | Medium | 5.4 | 2021-01-27 | IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alter… |
CVE-2020-4855 | Medium | 5.4 | 2021-01-27 | IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alter… |
CVE-2020-4547 | Medium | 5.4 | 2021-01-27 | IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a… |
CVE-2020-4524 | Medium | 5.4 | 2021-01-27 | IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alter… |
CVE-2020-4546 | Medium | 5.4 | 2020-09-02 | IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web U… |
CVE-2020-4522 | Medium | 5.4 | 2020-09-02 | IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web U… |
CVE-2020-4445 | Medium | 5.4 | 2020-09-02 | IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web U… |
CVE-2020-4542 | Medium | 5.4 | 2020-08-04 | IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in… |
CVE-2020-4964 | Medium | 4.3 | 2021-04-12 | IBM Jazz Team Server products contain an undisclosed vulnerability that could allow an authenticated user to present a customized message on the application wh… |
CVE-2025-2139 | Low | 3.5 | 2025-10-12 | IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to delete reviews from other users du… |