Filtered by vendor Ibm
Subscribe
Total
7129 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-0729 | 1 Ibm | 1 Rational Appscan | 2024-02-28 | 6.0 MEDIUM | N/A |
Unrestricted file upload vulnerability in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allows remote authenticated users to execute arbitrary ASP.NET code by uploading a .aspx file, and then accessing it via unspecified vectors. | |||||
CVE-2012-0187 | 1 Ibm | 1 Lotus Expeditor | 2024-02-28 | 9.3 HIGH | N/A |
Untrusted search path vulnerability in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack allows local users to gain privileges via a Trojan horse DLL in the current working directory. | |||||
CVE-2013-6327 | 1 Ibm | 1 Sterling Connect Enterprise Http Option | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the HTTP Option in IBM Sterling Connect:Enterprise 1.3 before 1.3.0.2 iFix 1 and 1.4 before 1.4.0.0 iFix 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "cross-frame scripting" issue. | |||||
CVE-2013-6718 | 1 Ibm | 1 Advanced Management Module Firmware | 2024-02-28 | 6.4 MEDIUM | N/A |
The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to discover account names and passwords via use of an unspecified interface. | |||||
CVE-2012-2159 | 1 Ibm | 2 Security Appscan Source, Spss Data Collection | 2024-02-28 | 5.8 MEDIUM | N/A |
Open redirect vulnerability in IBM Eclipse Help System (IEHS), as used in IBM Security AppScan Source 7.x and 8.x before 8.6 and IBM SPSS Data Collection Developer Library 6.0 and 6.0.1, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
CVE-2012-4861 | 1 Ibm | 1 Infosphere Replication Server | 2024-02-28 | 4.0 MEDIUM | N/A |
The web server in InfoSphere Data Replication Dashboard in IBM InfoSphere Replication Server 9.7 and 10.1 through 10.1.0.4 allows remote authenticated users to list directories via a direct request for a directory URL. | |||||
CVE-2012-5770 | 1 Ibm | 1 Tivoli Application Dependency Discovery Manager | 2024-02-28 | 5.8 MEDIUM | N/A |
The SSL configuration in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 supports the MD5 hash algorithm, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic via a brute-force attack. | |||||
CVE-2012-0735 | 1 Ibm | 1 Rational Appscan | 2024-02-28 | 7.6 HIGH | N/A |
IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly scan file: URLs, which allows man-in-the-middle attackers to obtain sensitive information or possibly have unspecified other impact via a crafted URI. | |||||
CVE-2013-3973 | 1 Ibm | 1 Maximo Asset Management | 2024-02-28 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2013-0584 | 1 Ibm | 1 Infosphere Replication Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The Data Replication Dashboard component in IBM InfoSphere Replication Server 9.7 and 10.x before 10.2.0.0-b113 allows remote attackers to obtain a list of all user accounts, along with information about whether each account requires a password, via unspecified vectors. | |||||
CVE-2013-5406 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2024-02-28 | 3.5 LOW | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, leading to improper interaction with the Windows MHTML protocol handler. | |||||
CVE-2013-5411 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2024-02-28 | 4.3 MEDIUM | N/A |
IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote attackers to inject links and trigger unintended navigation or actions via unspecified vectors. | |||||
CVE-2013-2968 | 1 Ibm | 1 Sterling Control Center | 2024-02-28 | 6.3 MEDIUM | N/A |
An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters. | |||||
CVE-2013-3010 | 1 Ibm | 1 Java | 2024-02-28 | 9.3 HIGH | N/A |
Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3007. | |||||
CVE-2013-4050 | 1 Ibm | 1 Lotus Domino | 2024-02-28 | 6.0 MEDIUM | N/A |
Cross-site request forgery (CSRF) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. | |||||
CVE-2013-0519 | 1 Ibm | 1 Sterling Secure Proxy | 2024-02-28 | 5.0 MEDIUM | N/A |
IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Interim Fix 1, and 3.4.1 before 3.4.1.7 provides web-server version data in (1) an unspecified page title and (2) an unspecified HTTP header field, which allows remote attackers to obtain potentially sensitive information by reading a version string. | |||||
CVE-2013-5419 | 1 Ibm | 1 Aix | 2024-02-28 | 6.9 MEDIUM | N/A |
Multiple buffer overflows in (1) mkque and (2) mkquedev in bos.rte.printers in IBM AIX 6.1 and 7.1 allow local users to gain privileges by leveraging printq group membership. | |||||
CVE-2013-3006 | 1 Ibm | 1 Java | 2024-02-28 | 9.3 HIGH | N/A |
Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3008. | |||||
CVE-2013-3979 | 2 Ibm, Microsoft | 2 Star Command Center, Internet Explorer | 2024-02-28 | 3.5 LOW | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Web\Content\Help\ in the Web Client in IBM Cognos Command Center (aka Star Command Center or Star Analytics) before 10.1, when Internet Explorer is used, allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2013-0553 | 1 Ibm | 2 Lotus Sametime, Sametime | 2024-02-28 | 3.5 LOW | N/A |
The client implementation in IBM Sametime 8.5.1 through 8.5.2.1, as used in Sametime Connect client, Sametime Advanced Connect client, Sametime Advanced Web client, and other products, allows remote authenticated users to send commands to individual chat users, or to all participants in a chat room, via a crafted Sametime Instant Message (IM). |