Filtered by vendor Ibm
Subscribe
Total
7122 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1372 | 1 Ibm | 1 Db2 Universal Database | 2024-02-28 | 7.2 HIGH | N/A |
Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure. | |||||
CVE-1999-1552 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges. | |||||
CVE-1999-1405 | 1 Ibm | 1 Aix | 2024-02-28 | 10.0 HIGH | N/A |
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a. | |||||
CVE-1999-0010 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. | |||||
CVE-2003-0954 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges. | |||||
CVE-2004-0795 | 1 Ibm | 1 Db2 Universal Database | 2024-02-28 | 7.2 HIGH | N/A |
DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe. | |||||
CVE-2001-0962 | 1 Ibm | 2 Websphere Application Server, Websphere Commerce Suite | 2024-02-28 | 7.5 HIGH | N/A |
IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing. | |||||
CVE-2001-1079 | 1 Ibm | 1 Aix | 2024-02-28 | 3.6 LOW | N/A |
create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates keyfile directories with world-writable permissions, which could allow a local user to delete key files and cause a denial of service. | |||||
CVE-2001-0446 | 1 Ibm | 1 Websphere Commerce Suite | 2024-02-28 | 5.0 MEDIUM | N/A |
IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 allows remote attackers to read source code for .jsp files by appending a / to the requested URL. | |||||
CVE-1999-0093 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
AIX nslookup command allows local users to obtain root access by not dropping privileges correctly. | |||||
CVE-2001-1554 | 1 Ibm | 1 Aix | 2024-02-28 | 5.0 MEDIUM | N/A |
IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets. | |||||
CVE-2003-0064 | 4 Hp, Ibm, Sgi and 1 more | 5 Hp-ux, Aix, Irix and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | |||||
CVE-2001-1095 | 1 Ibm | 1 Aix | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in uuq in AIX 4 could allow local users to execute arbitrary code via a long -r parameter. | |||||
CVE-1999-0129 | 7 Bsdi, Eric Allman, Freebsd and 4 more | 9 Bsd Os, Sendmail, Freebsd and 6 more | 2024-02-28 | 4.6 MEDIUM | N/A |
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. | |||||
CVE-1999-1488 | 1 Ibm | 1 System Data Repository | 2024-02-28 | 5.0 MEDIUM | N/A |
sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication. | |||||
CVE-2003-0285 | 1 Ibm | 1 Aix | 2024-02-28 | 5.0 MEDIUM | N/A |
IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail. | |||||
CVE-2001-0824 | 1 Ibm | 1 Websphere Application Server | 2024-02-28 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javascript into an error page. | |||||
CVE-2002-1687 | 1 Ibm | 1 Aix | 2024-02-28 | 2.1 LOW | N/A |
Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable. | |||||
CVE-2004-0480 | 1 Ibm | 1 Lotus Notes | 2024-02-28 | 10.0 HIGH | N/A |
Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe. | |||||
CVE-1999-0284 | 2 Ibm, Microsoft | 2 Lotus Domino Mail Server, Exchange Server | 2024-02-28 | 7.5 HIGH | N/A |
Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command. |