Filtered by vendor Ibm
Subscribe
Total
7814 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3045 | 1 Ibm | 1 Lotus Sametime | 2025-04-11 | 3.5 LOW | N/A |
| The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to share crafted links via the Library function. | |||||
| CVE-2013-0519 | 1 Ibm | 1 Sterling Secure Proxy | 2025-04-11 | 5.0 MEDIUM | N/A |
| IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Interim Fix 1, and 3.4.1 before 3.4.1.7 provides web-server version data in (1) an unspecified page title and (2) an unspecified HTTP header field, which allows remote attackers to obtain potentially sensitive information by reading a version string. | |||||
| CVE-2010-4593 | 1 Ibm | 1 Lotus Mobile Connect | 2025-04-11 | 4.0 MEDIUM | N/A |
| The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does not properly maintain a certain reference count, which allows remote authenticated users to cause a denial of service (IP address exhaustion) by making invalid attempts to establish sessions with the same VPN ID from multiple devices. | |||||
| CVE-2011-1208 | 1 Ibm | 1 Soliddb | 2025-04-11 | 7.8 HIGH | N/A |
| IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and 6.3.x before 6.3 FP8 (aka 6.3.49), and 6.5.x before 6.5 FP4 (aka 6.5.0.4) does not properly handle the (1) rpc_test_svc_readwrite and (2) rpc_test_svc_done commands, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted command. | |||||
| CVE-2011-4160 | 4 Hp, Ibm, Linux and 1 more | 6 Hp-ux, Operations Agent, Performance Agent and 3 more | 2025-04-11 | 3.2 LOW | N/A |
| Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors. | |||||
| CVE-2012-2169 | 1 Ibm | 1 Rational Clearquest | 2025-04-11 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the file-upload functionality in the Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 allows remote authenticated users to inject arbitrary web script or HTML via the File Description field. | |||||
| CVE-2010-4623 | 1 Ibm | 1 Tivoli Access Manager For E-business | 2025-04-11 | 4.0 MEDIUM | N/A |
| WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions. | |||||
| CVE-2010-3700 | 3 Acegisecurity, Ibm, Vmware | 3 Acegi-security, Websphere Application Server, Springsource Spring Security | 2025-04-11 | 5.0 MEDIUM | N/A |
| VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before 3.0.4, and Acegi Security 1.0.0 through 1.0.7, as used in IBM WebSphere Application Server (WAS) 6.1 and 7.0, allows remote attackers to bypass security constraints via a path parameter. | |||||
| CVE-2013-0485 | 1 Ibm | 1 Java | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in IBM Java SDK 7 before SR4-FP1, 6 before SR13-FP1, 5.0 before SR16-FP1, and 1.4.2 before SR13-FP16 has unknown impact and attack vectors related to Class Libraries. | |||||
| CVE-2011-1388 | 2 .bbsoftware, Ibm | 2 Bb Flashback, Rational Rhapsody | 2025-04-11 | 9.3 HIGH | N/A |
| The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the TestCompatibilityRecordMode method, which allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-0637 | 1 Ibm | 1 Aix | 2025-04-11 | 4.9 MEDIUM | N/A |
| The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a timer is unused before deallocating this timer, which might allow attackers to cause a denial of service (system crash) via unspecified vectors. | |||||
| CVE-2011-1032 | 1 Ibm | 2 Lotus Connections, Websphere Application Server | 2025-04-11 | 6.8 MEDIUM | N/A |
| IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0.11 is used, does not properly restrict access to the internal login module, which has unspecified impact and attack vectors. | |||||
| CVE-2008-7285 | 1 Ibm | 2 Lotus Domino, Lotus Quickr | 2025-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the docnote string handling implementation in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, aka SPR JFLD7GZT25. | |||||
| CVE-2012-5947 | 1 Ibm | 1 Spss Samplepower | 2025-04-11 | 9.3 HIGH | N/A |
| Buffer overflow in the vsflex7l ActiveX control in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-2188 | 1 Ibm | 2 Power Hardware Management Console Firmware, Systems Director Management Console Firmware | 2025-04-11 | 7.2 HIGH | N/A |
| IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1.0 and 7R7.2.0 before 7R7.2.0 SP3, and 7R7.3.0 before SP2, and Systems Director Management Console (SDMC) 6R7.3.0 before SP2, does not properly restrict the VIOS viosrvcmd command, which allows local users to gain privileges via vectors involving a (1) $ (dollar sign) or (2) & (ampersand) character. | |||||
| CVE-2010-2328 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | 5.0 MEDIUM | N/A |
| The HTTP Channel in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 allows remote attackers to cause a denial of service (NullPointerException) via a large amount of chunked data that uses gzip compression. | |||||
| CVE-2011-1222 | 2 Ibm, Microsoft | 3 Aix, Tivoli Storage Manager, Windows | 2025-04-11 | 7.2 HIGH | N/A |
| Buffer overflow in the Journal Based Backup (JBB) feature in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows and AIX allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2012-5942 | 1 Ibm | 1 Tivoli Application Dependency Discovery Manager | 2025-04-11 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors. | |||||
| CVE-2010-4070 | 1 Ibm | 1 Informix Dynamic Server | 2025-04-11 | 10.0 HIGH | N/A |
| Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted parameter size, aka idsdb00146931, idsdb00146930, idsdb00146929, and idsdb00138308. | |||||
| CVE-2013-4066 | 1 Ibm | 1 Infosphere Information Server | 2025-04-11 | 4.3 MEDIUM | N/A |
| IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and 9.1 allows remote attackers to conduct clickjacking attacks by creating an overlay interface on top of the Web Console interface. | |||||