Filtered by vendor Ibm
Subscribe
Total
7122 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1191 | 1 Ibm | 1 Tivoli Secureway Policy Director | 2024-02-28 | 5.0 MEDIUM | N/A |
WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e. | |||||
CVE-2003-0898 | 1 Ibm | 1 Db2 Universal Database | 2024-02-28 | 4.6 MEDIUM | N/A |
IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2. | |||||
CVE-2004-1663 | 5 Broadcom, Brocade, Engenio and 2 more | 6 Fabric Operating System, Silkworm, Silkworm Fiber Channel Switch and 3 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possible data corruption) via crafted TCP packets. | |||||
CVE-2000-0505 | 2 Apache, Ibm | 2 Http Server, Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters. | |||||
CVE-1999-0116 | 1 Ibm | 2 Aix, Sng | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood. | |||||
CVE-2001-0573 | 1 Ibm | 1 Aix | 2024-02-28 | 4.6 MEDIUM | N/A |
lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory. | |||||
CVE-2002-0370 | 5 Allume Systems Division, Ibm, Microsoft and 2 more | 7 Stuffit Expander, Lotus Notes, Windows 98 Plus Pack and 4 more | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0. | |||||
CVE-2003-0694 | 11 Apple, Compaq, Freebsd and 8 more | 18 Mac Os X, Mac Os X Server, Tru64 and 15 more | 2024-02-28 | 10.0 HIGH | N/A |
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | |||||
CVE-2002-1548 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
Unknown vulnerability in autofs on AIX 4.3.0, when using executable maps, allows attackers to execute arbitrary commands as root, possibly related to "string handling around how the executable map is called." | |||||
CVE-2000-0848 | 1 Ibm | 1 Websphere Application Server | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header. | |||||
CVE-1999-1414 | 1 Ibm | 1 Netfinity Remote Control | 2024-02-28 | 7.2 HIGH | N/A |
IBM Netfinity Remote Control allows local users to gain administrator privileges by starting programs from the process manager, which runs with system level privileges. | |||||
CVE-2000-1215 | 1 Ibm | 1 Lotus Domino | 2024-02-28 | 5.0 MEDIUM | N/A |
The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information. | |||||
CVE-2003-0123 | 1 Ibm | 2 Lotus Domino, Lotus Notes Client | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line. | |||||
CVE-2003-0759 | 1 Ibm | 1 Db2 Universal Database | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument. | |||||
CVE-2002-1620 | 1 Ibm | 1 Aix Parallel Systems Support Programs | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in IBM AIX Parallel Systems Support Programs (PSSP) 3.1.1, 3.2, and 3.4 allows remote attackers to read arbitrary files from a file collection. | |||||
CVE-2004-0545 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2001-1529 | 1 Ibm | 1 Aix | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779. | |||||
CVE-2002-1551 | 1 Ibm | 1 Aix | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code. | |||||
CVE-2000-0652 | 1 Ibm | 1 Websphere Application Server | 2024-02-28 | 5.0 MEDIUM | N/A |
IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string. | |||||
CVE-2004-1329 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program. |