Filtered by vendor Ibm
Subscribe
Total
7127 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-3128 | 1 Ibm | 1 Websphere Portal | 2024-02-28 | 6.4 MEDIUM | N/A |
SQL injection vulnerability in content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
CVE-2007-4792 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors. | |||||
CVE-2007-6705 | 1 Ibm | 1 Websphere Mq | 2024-02-28 | 3.3 LOW | N/A |
The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client for Windows, when running in an MTS or a COM+ environment, grants the PROCESS_DUP_HANDLE privilege to the Everyone group upon connection to a queue manager, which allows local users to duplicate an arbitrary handle and possibly hijack an arbitrary process. | |||||
CVE-2007-6593 | 1 Ibm | 1 Lotus Notes | 2024-02-28 | 8.8 HIGH | N/A |
Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909. | |||||
CVE-2008-0698 | 1 Ibm | 1 Db2 | 2024-02-28 | 7.8 HIGH | N/A |
Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 has unknown attack vectors, and an impact probably involving "invalid memory access." | |||||
CVE-2008-0696 | 1 Ibm | 1 Db2 | 2024-02-28 | 7.5 HIGH | N/A |
IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization for the ALTER TABLE statement, which has unknown impact and attack vectors. | |||||
CVE-2007-1917 | 8 Apple, Hp, Ibm and 5 more | 11 Macos, Hp-ux, Tru64 and 8 more | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in the SYSTEM_CREATE_INSTANCE function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. | |||||
CVE-2007-6294 | 1 Ibm | 1 Hardware Management Console | 2024-02-28 | 4.9 MEDIUM | N/A |
Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 3 R3.7 allow attackers to gain privileges via "some HMC commands." | |||||
CVE-2007-3626 | 3 Hitachi, Ibm, Sun | 7 Cosminexus Application Server, Cosminexus Tpbroker, Tpbroker and 4 more | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in the ADM daemon in Hitachi TPBroker before 20070706 allows remote attackers to cause a denial of service (daemon crash) via a certain request. | |||||
CVE-2007-0618 | 1 Ibm | 1 Aix | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability." | |||||
CVE-2007-6045 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2 Universal Database, Linux Kernel, Windows and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors. | |||||
CVE-2006-5663 | 1 Ibm | 3 Informix Client Sdk, Informix Dynamic Server, Informix I-connect | 2024-02-28 | 4.6 MEDIUM | N/A |
IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts. | |||||
CVE-2007-1089 | 3 Ibm, Linux, Microsoft | 3 Db2 Universal Database, Linux Kernel, Windows Xp | 2024-02-28 | 7.2 HIGH | N/A |
IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors. | |||||
CVE-2007-0978 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data. | |||||
CVE-2006-5003 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
Unspecified vulnerability in the named8 command in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors. | |||||
CVE-2007-0067 | 1 Ibm | 1 Lotus Domino Web Server | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files. | |||||
CVE-2007-5652 | 1 Ibm | 1 Db2 | 2024-02-28 | 7.8 HIGH | N/A |
IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to be certain that it is security-related. | |||||
CVE-2007-4796 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in uucp in bos.net.uucp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. | |||||
CVE-2007-4623 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a long parameter to the m command. | |||||
CVE-2007-4598 | 1 Ibm | 1 Surepos 500 | 2024-02-28 | 4.6 MEDIUM | N/A |
IBM SurePOS 500 has (1) a default password of "12345" for the manager and (2) blank default passwords for operator accounts. |