Filtered by vendor Ibm
Subscribe
Total
7814 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-2177 | 1 Ibm | 1 Cognos Business Intelligence | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors related to the search feature. | |||||
| CVE-2011-1318 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | 5.0 MEDIUM | N/A |
| Memory leak in org.apache.jasper.runtime.JspWriterImpl.response in the JavaServer Pages (JSP) component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) by accessing a JSP page of an application that is repeatedly stopped and restarted. | |||||
| CVE-2010-3736 | 1 Ibm | 1 Db2 | 2025-04-11 | 4.0 MEDIUM | N/A |
| Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a, when the connection concentrator is enabled, allows remote authenticated users to cause a denial of service (heap memory consumption) by using a different code page than the database server. | |||||
| CVE-2010-4055 | 1 Ibm | 1 Soliddb | 2025-04-11 | 5.0 MEDIUM | N/A |
| Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 and earlier allows remote attackers to cause a denial of service (memory consumption and daemon crash) by connecting to TCP port 1315 and sending a packet with many integer fields, which trigger many recursive calls of a certain function. | |||||
| CVE-2013-5458 | 1 Ibm | 1 Java | 2025-04-11 | 9.3 HIGH | N/A |
| Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2013-4048 | 1 Ibm | 1 Spss Analytical Decision Management | 2025-04-11 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving addition of script to a page. | |||||
| CVE-2011-2143 | 1 Ibm | 1 Datacap Taskmaster Capture | 2025-04-11 | 6.8 MEDIUM | N/A |
| IBM Datacap Taskmaster Capture 8.0.1 before FP1, when Windows Authentication is enabled, allows remote attackers to obtain login access by using an incorrect password in conjunction with an account name from a different domain. | |||||
| CVE-2012-4826 | 1 Ibm | 1 Db2 | 2025-04-11 | 8.5 HIGH | N/A |
| Stack-based buffer overflow in the SQL/PSM (aka SQL Persistent Stored Module) Stored Procedure (SP) infrastructure in IBM DB2 9.1, 9.5, 9.7 before FP7, 9.8, and 10.1 might allow remote authenticated users to execute arbitrary code by debugging a stored procedure. | |||||
| CVE-2012-3296 | 1 Ibm | 1 Power Hardware Management Console | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Help link in the login panel in IBM Power Hardware Management Console (HMC) 7R7.1.0 before SP4, 7R7.2.0 before SP2, and 7R7.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-5770 | 1 Ibm | 1 Tivoli Application Dependency Discovery Manager | 2025-04-11 | 5.8 MEDIUM | N/A |
| The SSL configuration in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 supports the MD5 hash algorithm, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic via a brute-force attack. | |||||
| CVE-2010-4219 | 1 Ibm | 1 Websphere Portal | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SemanticTagService.js in IBM WebSphere Portal 6.1.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-6359 | 1 Ibm | 2 Tivoli Federated Identity Manager, Tivoli Federated Identity Manager Business Gateway | 2025-04-11 | 4.3 MEDIUM | N/A |
| IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.11, 6.2.1 before 6.2.1.3, and 6.2.2 before 6.2.2.2 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.11, 6.2.1 before 6.2.1.3, and 6.2.2 before 6.2.2.2 do not check whether an OpenID attribute is signed in the (1) SREG (aka simple registration extension) and (2) AX (aka attribute exchange extension) cases, which allows man-in-the-middle attackers to spoof OpenID provider data by inserting unsigned attributes. | |||||
| CVE-2013-5378 | 1 Ibm | 1 Websphere Portal | 2025-04-11 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.x before 8.0.0.1 CF8 allows remote authenticated users to inject arbitrary web script or HTML by leveraging incorrect IBM Connections integration. | |||||
| CVE-2012-4853 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Application Server 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger information disclosure. | |||||
| CVE-2012-0744 | 1 Ibm | 1 Rational Clearquest | 2025-04-11 | 5.0 MEDIUM | N/A |
| IBM Rational ClearQuest 7.1.x through 7.1.2.7 and 8.x through 8.0.0.3 allows remote attackers to obtain potentially sensitive information via a request to a (1) snoop, (2) hello, (3) ivt/, (4) hitcount, (5) HitCount.jsp, (6) HelloHTMLError.jsp, (7) HelloHTML.jsp, (8) HelloVXMLError.jsp, (9) HelloVXML.jsp, (10) HelloWMLError.jsp, (11) HelloWML.jsp, or (12) cqweb/j_security_check sample script. | |||||
| CVE-2010-4069 | 1 Ibm | 1 Informix Dynamic Server | 2025-04-11 | 8.5 HIGH | N/A |
| Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x through 7.31, 9.x through 9.40, 10.00 before 10.00.xC10, 11.10 before 11.10.xC3, and 11.50 before 11.50.xC3 allows remote authenticated users to execute arbitrary code via long DBINFO keyword arguments in a SQL statement, aka idsdb00165017, idsdb00165019, idsdb00165021, idsdb00165022, and idsdb00165023. | |||||
| CVE-2011-2679 | 1 Ibm | 1 Rational Doors Web Access | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-3475 | 1 Ibm | 3 Db2, Db2 Connect, Smart Analytics System 7600 | 2025-04-11 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 and DB2 Connect 9.1, 9.5, 9.7, 9.8, and 10.1, as used in Smart Analytics System 7600 and other products, allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2013-4013 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | 5.0 MEDIUM | N/A |
| IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.2 allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2013-3990 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN98FLQ2. | |||||