Filtered by vendor Ibm
Subscribe
Total
7416 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4594 | 1 Ibm | 2 Lotus Domino, Lotus Inotes | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.131 for Domino 8.0.x has unknown impact and attack vectors, aka SPR SDOY7RHBNH. | |||||
| CVE-2008-0589 | 1 Ibm | 1 Aix | 2025-04-09 | 4.9 MEDIUM | N/A |
| The ps program in bos.rte.control in IBM AIX 5.2, 5.3, and 6.1 allows local users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2009-3106 | 1 Ibm | 1 Websphere Application Server | 2025-04-09 | 5.0 MEDIUM | N/A |
| The Servlet Engine/Web Container component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.37 does not properly implement security constraints on the (1) doGet and (2) doTrace methods, which allows remote attackers to bypass intended access restrictions and obtain sensitive information via a crafted HTTP HEAD request to a Web Application. | |||||
| CVE-2008-1706 | 1 Ibm | 1 Soliddb | 2025-04-09 | 4.3 MEDIUM | N/A |
| Uncontrolled array index in IBM solidDB 06.00.1018 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large value in a certain 32-bit field. | |||||
| CVE-2007-5559 | 1 Ibm | 1 Thinkvantage Tpm | 2025-04-09 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2007-3794 | 6 Hitachi, Hp, Ibm and 3 more | 16 Cosminexus Application Server, Cosminexus Client, Cosminexus Developer and 13 more | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application. | |||||
| CVE-2009-1355 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long filename. | |||||
| CVE-2007-1868 | 1 Ibm | 1 Tivoli Provisioning Manager Os Deployment | 2025-04-09 | 10.0 HIGH | N/A |
| The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via crafted POST requests to port 8080/tcp or 443/tcp. | |||||
| CVE-2008-0861 | 1 Ibm | 1 Lotus Quickplace | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in leg/Main.nsf in IBM Lotus Quickplace 7.0 allows remote attackers to inject arbitrary web script or HTML via an h_SearchString sub-parameter in the PreSetFields parameter of an EditDocument action. | |||||
| CVE-2009-1906 | 1 Ibm | 1 Db2 | 2025-04-09 | 4.3 MEDIUM | N/A |
| The DRDA Services component in IBM DB2 9.1 before FP7 and 9.5 before FP4 allows remote attackers to cause a denial of service (memory corruption and application crash) via an IPv6 address in the correlation token in the APPID string, as demonstrated by an APPID string sent by the third-party DataDirect JDBC driver 3.7.32. | |||||
| CVE-2006-4843 | 1 Ibm | 1 Lotus Domino | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified "code sequences" that bypass the protection scheme. | |||||
| CVE-2008-2410 | 1 Ibm | 1 Lotus Domino Web Server | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-0588 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
| Buffer overflow in the utape program in devices.scsi.tape.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2007-6706 | 1 Ibm | 1 Lotus Notes | 2025-04-09 | 9.3 HIGH | N/A |
| Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0 allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP. | |||||
| CVE-2008-4563 | 2 Ibm, Microsoft | 3 Tivoli Storage Manager, Tivoli Storage Manager Express, Windows | 2025-04-09 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the daemon (dsmsvc.exe) in the backup server in IBM Tivoli Storage Manager (TSM) Express 5.3.7.3 and earlier and TSM 5.2, 5.3 before 5.3.6.0, and 5.4.0.0 through 5.4.4.0, allows remote attackers to execute arbitrary code via a crafted length value. | |||||
| CVE-2008-1130 | 1 Ibm | 1 Websphere Mq | 2025-04-09 | 6.6 MEDIUM | N/A |
| Unspecified vulnerability in IBM WebSphere MQ 6.0.x before 6.0.2.2 and 5.3 before Fix Pack 14 allows attackers to bypass access restrictions for a queue manager via a SVRCONN (MQ client) channel. | |||||
| CVE-2008-0509 | 1 Ibm | 1 Aix | 2025-04-09 | 4.4 MEDIUM | N/A |
| Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cause a denial of service (crash) or possibly gain privileges via a long argument to (1) piox25, related to piox25.c; or (2) piox25remote, related to piox25remote.sh. | |||||
| CVE-2009-2741 | 1 Ibm | 1 Websphere Business Events | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the wberuntimeear application in the test servlet in IBM WebSphere Business Events 6.1 and 6.2 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2007-6408 | 1 Ibm | 1 Tivoli Provisioning Manager Express | 2025-04-09 | 5.0 MEDIUM | N/A |
| IBM Tivoli Provisioning Manager Express provides unspecified information in error messages when (1) attempted duplication of a username occurs when creating an account or (2) when trying to login using a valid username, which makes it easier for remote attackers to enumerate usernames. | |||||
| CVE-2007-4272 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | 1.9 LOW | N/A |
| Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker's umask is honored, (2) /etc/ld.so.preload, (3) certain "cron data file locations", and other unspecified vectors possibly involving the (4) OSSEMEMDBG or (5) TRC_LOG_FILE environment variable in db2licd (db2licm). | |||||