Filtered by vendor Ibm
Subscribe
Total
7122 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0429 | 1 Ibm | 1 Lotus Notes | 2024-02-28 | 7.5 HIGH | N/A |
| The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference. | |||||
| CVE-2002-1203 | 1 Ibm | 1 Secureway Firewall | 2024-02-28 | 5.0 MEDIUM | N/A |
| IBM SecureWay Firewall before 4.2.2 performs extra processing before determining that a packet is invalid and dropping it, which allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed TCP packets without any flags set. | |||||
| CVE-2000-0873 | 1 Ibm | 1 Aix | 2024-02-28 | 2.1 LOW | N/A |
| netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities. | |||||
| CVE-2003-1447 | 1 Ibm | 1 Websphere Application Server | 2024-02-28 | 1.9 LOW | N/A |
| IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm (XOR and base64 encoding), which allows local users to decrypt passwords when the configuration file is exported to XML. | |||||
| CVE-1999-0318 | 4 Hp, Ibm, Redhat and 1 more | 5 Hp-ux, Aix, Linux and 2 more | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. | |||||
| CVE-2001-0554 | 9 Debian, Freebsd, Ibm and 6 more | 11 Debian Linux, Freebsd, Aix and 8 more | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | |||||
| CVE-2002-1168 | 1 Ibm | 1 Websphere Caching Proxy Server | 2024-02-28 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP request that contains an Location: header with a "%0a%0d" (CRLF) sequence, which echoes the Location as an HTTP header in the server response. | |||||
| CVE-1999-1487 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
| Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system. | |||||
| CVE-2002-1153 | 1 Ibm | 1 Websphere Application Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| IBM Websphere 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with long HTTP headers, such as "Host". | |||||
| CVE-2001-1080 | 1 Ibm | 1 Aix | 2024-02-28 | 10.0 HIGH | N/A |
| diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable to find and execute certain programs, which allows local users to gain privileges by modifying the variable to point to a Trojan horse program. | |||||
| CVE-1999-1119 | 1 Ibm | 1 Aix | 2024-02-28 | 10.0 HIGH | N/A |
| FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary commands. | |||||
| CVE-1999-0693 | 3 Hp, Ibm, Sco | 3 Hp-ux, Aix, Unixware | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges. | |||||
| CVE-2000-1110 | 1 Ibm | 1 Net.data | 2024-02-28 | 5.0 MEDIUM | N/A |
| document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program. | |||||
| CVE-2000-0466 | 1 Ibm | 1 Aix | 2024-02-28 | 7.2 HIGH | N/A |
| AIX cdmount allows local users to gain root privileges via shell metacharacters. | |||||
| CVE-2001-0982 | 1 Ibm | 1 Tivoli Secureway Policy Director | 2024-02-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. (dot dot) sequences containing "%2e" strings. | |||||
| CVE-2002-0679 | 6 Caldera, Compaq, Hp and 3 more | 8 Openunix, Unixware, Tru64 and 5 more | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure. | |||||
| CVE-2002-1822 | 1 Ibm | 1 Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| IBM HTTP Server 1.0 on AS/400 allows remote attackers to obtain the path to the web root directory and other sensitive information, which is leaked in an error mesage when a request is made for a non-existent Java Server Page (JSP). | |||||
| CVE-1999-0208 | 3 Ibm, Nec, Sgi | 5 Aix, Asl Ux 4800, Ews-ux V and 2 more | 2024-02-28 | 10.0 HIGH | N/A |
| rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. | |||||
| CVE-2002-1689 | 1 Ibm | 1 Aix | 2024-02-28 | 10.0 HIGH | N/A |
| Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow. | |||||
| CVE-2001-1313 | 1 Ibm | 1 Lotus Domino R5 | 2024-02-28 | 7.5 HIGH | N/A |
| Lotus Domino R5 before R5.0.7a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via miscellaneous packets with semi-valid BER encodings, as demonstrated by the PROTOS LDAPv3 test suite. | |||||