Filtered by vendor Ibm
Subscribe
Total
7129 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-0494 | 1 Ibm | 1 Tivoli Access Manager For E-business | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors. NOTE: this might overlap CVE-2010-4622. | |||||
| CVE-2010-3896 | 1 Ibm | 1 Omnifind | 2024-02-28 | 7.5 HIGH | N/A |
| The ESSearchApplication directory tree in IBM OmniFind Enterprise Edition 8.x and 9.x does not require authentication, which allows remote attackers to modify the server configuration via a request to palette.do. | |||||
| CVE-2011-2144 | 1 Ibm | 1 Datacap Taskmaster Capture | 2024-02-28 | 5.0 MEDIUM | N/A |
| The eDocument Conversion Actions implementation in IBM Datacap Taskmaster Capture 8.0.1 FP1 and earlier allows remote attackers to cause a denial of service (batch abort) via a long subject line in an e-mail message that is represented in a .eml file. | |||||
| CVE-2011-2888 | 1 Ibm | 1 Lotus Symphony | 2024-02-28 | 4.3 MEDIUM | N/A |
| IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service (application hang) via complex graphics in a presentation. | |||||
| CVE-2010-3755 | 1 Ibm | 1 Tivoli Storage Manager Fastback | 2024-02-28 | 5.0 MEDIUM | N/A |
| The _DAS_ReadBlockReply function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via data in a TCP packet. NOTE: this might overlap CVE-2010-3060. | |||||
| CVE-2009-5002 | 1 Ibm | 1 Filenet P8 Application Engine | 2024-02-28 | 6.4 MEDIUM | N/A |
| The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.1-P8AE-FP001 does not record Get Content Failure Audit events, which might allow remote attackers to attempt content access without detection. | |||||
| CVE-2011-3575 | 1 Ibm | 1 Lotus Domino | 2024-02-28 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in the NSFComputeEvaluateExt function in Nnotes.dll in IBM Lotus Domino 8.5.2 allows remote authenticated users to execute arbitrary code via a long tHPRAgentName parameter in an fmHttpPostRequest OpenForm action to WebAdmin.nsf. | |||||
| CVE-2010-3898 | 1 Ibm | 1 Omnifind | 2024-02-28 | 5.0 MEDIUM | N/A |
| IBM OmniFind Enterprise Edition 8.x and 9.x does not properly restrict the cookie path of administrator (aka ESAdmin) cookies, which might allow remote attackers to bypass authentication by leveraging access to other pages on the web site. | |||||
| CVE-2010-4219 | 1 Ibm | 1 Websphere Portal | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SemanticTagService.js in IBM WebSphere Portal 6.1.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-3740 | 1 Ibm | 1 Db2 | 2024-02-28 | 4.0 MEDIUM | N/A |
| The Net Search Extender (NSE) implementation in the Text Search component in IBM DB2 UDB 9.5 before FP6a does not properly handle an alphanumeric Fuzzy search, which allows remote authenticated users to cause a denial of service (memory consumption and system hang) via the db2ext.textSearch function. | |||||
| CVE-2009-5035 | 1 Ibm | 1 Lotus Notes Traveler | 2024-02-28 | 4.3 MEDIUM | N/A |
| The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle multiple outgoing e-mail messages between sync operations, which might allow remote attackers to read communications intended for other recipients by examining appended messages. | |||||
| CVE-2011-4816 | 1 Ibm | 6 Maximo Asset Management, Maximo Asset Management Essentials, Maximo Service Desk and 3 more | 2024-02-28 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the KPI component in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management Database (CCMDB) 6.2, 7.1, and 7.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-0900 | 1 Ibm | 1 Websphere Mq | 2024-02-28 | 4.1 MEDIUM | N/A |
| Heap-based buffer overflow in the client in IBM WebSphere MQ 6.0 before 6.0.2.7 and 7.0 before 7.0.1.0 allows local users to gain privileges via crafted SSL information in a Client Channel Definition Table (CCDT) file. | |||||
| CVE-2010-4601 | 1 Ibm | 1 Rational Clearquest | 2024-02-28 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 allow attackers to have an unknown impact via vectors related to third-party .ocx files. | |||||
| CVE-2011-0314 | 1 Ibm | 1 Websphere Mq | 2024-02-28 | 6.5 MEDIUM | N/A |
| Heap-based buffer overflow in IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 allows remote authenticated users to execute arbitrary code or cause a denial of service (queue manager crash) by inserting an invalid message into the queue. | |||||
| CVE-2011-0915 | 1 Ibm | 1 Lotus Domino | 2024-02-28 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a long name parameter in a Content-Type header in a malformed Notes calendar (aka iCalendar or iCal) meeting request, aka SPR KLYH87LL23. | |||||
| CVE-2010-0472 | 1 Ibm | 1 Db2 | 2024-02-28 | 5.0 MEDIUM | N/A |
| kuddb2 in Tivoli Monitoring for DB2, as distributed in IBM DB2 9.7 FP1 on Linux, allows remote attackers to cause a denial of service (daemon crash) via a certain byte sequence. | |||||
| CVE-2011-1847 | 1 Ibm | 1 Db2 | 2024-02-28 | 4.9 MEDIUM | N/A |
| IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-1376 | 1 Ibm | 1 Websphere Application Server | 2024-02-28 | 4.6 MEDIUM | N/A |
| iscdeploy in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.43, 7.0 before 7.0.0.21, and 8.0 before 8.0.0.2 on the IBM i platform sets weak permissions under systemapps/isclite.ear/ and bin/client_ffdc/, which allows local users to read or modify files via standard filesystem operations. | |||||
| CVE-2012-0190 | 1 Ibm | 2 Spss Data Collection, Spss Dimensions | 2024-02-28 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the Render method in the ExportHTML.ocx ActiveX control in ExportHTML.dll in IBM SPSS Dimensions 5.5 and SPSS Data Collection 5.6, 6.0, and 6.0.1 allows remote attackers to execute arbitrary code via a crafted HTML document. | |||||