Filtered by vendor Ibm
Subscribe
Total
7460 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-6045 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2 Universal Database, Linux Kernel, Windows and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors. | |||||
CVE-2007-4418 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | 5.5 MEDIUM | N/A |
IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, which allows remote authenticated users with a certain SELECT privilege to have an unknown impact via unspecified vectors. NOTE: this issue is probably related to CVE-2007-1089, but this is uncertain due to lack of details. | |||||
CVE-2007-6593 | 1 Ibm | 1 Lotus Notes | 2025-04-09 | 8.8 HIGH | N/A |
Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909. | |||||
CVE-2008-1599 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
The nddstat programs on IBM AIX 5.2, 5.3, and 6.1 do not properly handle environment variables, which allows local users to gain privileges by invoking (1) atmstat, (2) entstat, (3) fddistat, (4) hdlcstat, or (5) tokstat. | |||||
CVE-2009-0779 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users to gain privileges via a long "input string." | |||||
CVE-2008-1710 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
Untrusted search path vulnerability in chnfsmnt in IBM AIX 6.1 allows local users to gain privileges via a modified PATH environment variable. | |||||
CVE-2008-5413 | 1 Ibm | 1 Websphere Application Server | 2025-04-09 | 5.0 MEDIUM | N/A |
PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 allows attackers to obtain sensitive information by reading the (1) systemout.log and (2) ffdc files. NOTE: this is probably a duplicate of CVE-2009-0434. | |||||
CVE-2008-4693 | 1 Ibm | 1 Db2 | 2025-04-09 | 5.0 MEDIUM | N/A |
The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and 9.5 before FP2 writes sensitive information to the trace output, which allows attackers to obtain sensitive information by reading "PASSWORD-RELATED CONNECTION STRING KEYWORD VALUES." | |||||
CVE-2007-6363 | 1 Ibm | 1 Tivoli Netcool Security Manager | 2025-04-09 | 2.1 LOW | N/A |
IBM Tivoli Netcool Security Manager 1.3.0 before Interim Fix 1, when using Active Directory (AD) LDAP authentication, allows remote attackers to obtain login access via unspecified vectors without entering a password. | |||||
CVE-2007-1784 | 1 Ibm | 1 Lotus Sametime | 2025-04-09 | 9.3 HIGH | N/A |
The JNILoader ActiveX control (STJNILoader.ocx) 3.1.0.26 in IBM Lotus Notes Sametime before 7.5 allows remote attackers to load arbitrary DLL libraries and execute arbitrary code via arbitrary arguments to the loadLibrary function. | |||||
CVE-2009-1905 | 1 Ibm | 1 Db2 | 2025-04-09 | 2.6 LOW | N/A |
The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous bind are enabled, allows remote attackers to bypass password authentication and establish a database connection via unspecified vectors. | |||||
CVE-2009-0536 | 1 Ibm | 1 Aix | 2025-04-09 | 4.9 MEDIUM | N/A |
at in bos.rte.cron on IBM AIX 5.2.0, 5.3.0 through 5.3.9, and 6.1.0 through 6.1.2 allows local users to read arbitrary files via unspecified vectors, related to failure to drop root privileges. | |||||
CVE-2007-1088 | 1 Ibm | 1 Db2 | 2025-04-09 | 7.2 HIGH | N/A |
Stack-based buffer overflow in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allows local users to execute arbitrary code via a long string in unspecified environment variables. | |||||
CVE-2009-1240 | 1 Ibm | 4 Network Multi-function Security, Proventia Desktop Endpoint Security, Proventia Network Mail Security System and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), and possibly other products, allows remote attackers to bypass detection of malware via a modified RAR archive. | |||||
CVE-2008-4505 | 1 Ibm | 1 Lotus Quickr | 2025-04-09 | 7.8 HIGH | N/A |
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) might allow attackers to cause a denial of service (system crash) via a "nonstandard URL argument" to the OpenDocument command. NOTE: due to lack of details from the vendor, it is not clear whether this is a vulnerability. | |||||
CVE-2004-2762 | 1 Ibm | 2 Mvs, Tivoli Storage Manager | 2025-04-09 | 4.3 MEDIUM | N/A |
The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1. | |||||
CVE-2008-5326 | 2 Ibm, Microsoft | 2 Rational Clearquest, Windows | 2025-04-09 | 4.4 MEDIUM | N/A |
The ClearQuest Maintenance Tool in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0.1.3 on Windows allows local users to obtain (1) user and (2) database passwords by using a password revealer utility on a field containing a series of asterisks. | |||||
CVE-2008-1592 | 3 Hp, Ibm, Tandem Computers | 3 Nonstop, Websphere Mq, Tandem Operating System | 2025-04-09 | 4.6 MEDIUM | N/A |
MQSeries 5.1 in IBM WebSphere MQ 5.1 through 5.3.1 on the HP NonStop and Tandem NSK platforms does not require mqm group membership for execution of administrative tasks, which allows local users to bypass intended access restrictions via the runmqsc program, related to "Pathway panels." | |||||
CVE-2009-3745 | 1 Ibm | 1 Rational Appscan | 2025-04-09 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the help pages in IBM Rational AppScan Enterprise Edition 5.5.0.2 allows remote attackers to inject arbitrary web script or HTML via the query string. | |||||
CVE-2007-4368 | 1 Ibm | 1 Rational Clearquest | 2025-04-09 | 7.5 HIGH | N/A |
SQL injection vulnerability in /main in IBM Rational ClearQuest (CQ) Web 7.0.0.0-IFIX02 and 7.0.0.1 allows remote attackers to execute arbitrary SQL commands via the username parameter in a GenerateMainFrame command. |