Filtered by vendor Ibm
Subscribe
Total
8031 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4236 | 1 Ibm | 1 Omnifind | 2025-04-11 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in estaskwrapper in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges via an ES_LIBRARY_PATH environment variable and a modified PATH environment variable, which is used during execution of the estasklight program, a different vulnerability than CVE-2010-3895. | |||||
| CVE-2013-0568 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2025-04-11 | 4.0 MEDIUM | N/A |
| IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-2987, CVE-2013-3020, CVE-2013-0475, and CVE-2013-0567. | |||||
| CVE-2013-6718 | 1 Ibm | 1 Advanced Management Module Firmware | 2025-04-11 | 6.4 MEDIUM | N/A |
| The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to discover account names and passwords via use of an unspecified interface. | |||||
| CVE-2013-5426 | 1 Ibm | 2 Infosphere Master Data Management Collaboration Server, Infosphere Master Data Management Server For Product Information Management | 2025-04-11 | 4.9 MEDIUM | N/A |
| Session fixation vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1 IF5 and 11.0 before IF1 and InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1 IF11 allows remote authenticated users to hijack web sessions via unspecified vectors. | |||||
| CVE-2013-4019 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8 and 7.1 before 7.1.1.12 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-4048 | 1 Ibm | 1 Spss Analytical Decision Management | 2025-04-11 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving addition of script to a page. | |||||
| CVE-2013-4045 | 1 Ibm | 1 Spss Collaboration And Deployment Services | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-0541 | 2 Ibm, Microsoft | 2 Websphere Application Server, Windows | 2025-04-11 | 1.9 LOW | N/A |
| Buffer overflow in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Windows, when a localOS registry is used in conjunction with WebSphere Identity Manger (WIM), allows local users to cause a denial of service (daemon crash) via unspecified vectors. | |||||
| CVE-2011-1316 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | 5.0 MEDIUM | N/A |
| The Session Initiation Protocol (SIP) Proxy in the HTTP Transport component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (worker thread exhaustion and UDP messaging outage) by sending many UDP messages. | |||||
| CVE-2009-5058 | 1 Ibm | 2 Lotus Domino, Lotus Quickr | 2025-04-11 | 3.5 LOW | N/A |
| Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by deleting an item that is accessed through a connector, aka SPR RELS7LARKR. | |||||
| CVE-2010-3897 | 1 Ibm | 1 Omnifind | 2025-04-11 | 5.0 MEDIUM | N/A |
| ESSearchApplication/palette.do in IBM OmniFind Enterprise Edition 8.x and 9.x includes the administrator password in the HTML source code, which might allow remote attackers to obtain sensitive information by leveraging read access to this file. | |||||
| CVE-2013-2981 | 1 Ibm | 1 Data Studio | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1.1 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2011-1216 | 1 Ibm | 1 Lotus Notes | 2025-04-11 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7. | |||||
| CVE-2013-3025 | 1 Ibm | 1 Rational Focal Point | 2025-04-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in IBM Rational Focal Point 6.5.x and 6.6.x before 6.6.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-0357 | 1 Ibm | 1 Lotus Web Content Management | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Login page in IBM Lotus Web Content Management (WCM) 6.0.1.4, 6.0.1.5, and 6.0.1.6 before iFix 32; and 6.1.0.1 and 6.1.0.2 before iFix 24; for WebSphere Portal allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | |||||
| CVE-2013-0500 | 1 Ibm | 2 Storwize V7000 Unified, Storwize V7000 Unified Software | 2025-04-11 | 5.4 MEDIUM | N/A |
| IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 does not properly handle device files that are created with the NFS protocol but accessed with a non-NFS protocol, which allows remote authenticated users to obtain sensitive information, modify programs or files, or cause a denial of service (device crash) via a (1) CIFS, (2) HTTPS, (3) SCP, or (4) SFTP operation. | |||||
| CVE-2010-2896 | 1 Ibm | 1 Filenet Content Manager | 2025-04-11 | 4.3 MEDIUM | N/A |
| IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before FP4 does not properly manage the InheritParentPermissions setting during an upgrade from 3.x, which might allow attackers to bypass intended folder permissions via unspecified vectors. | |||||
| CVE-2011-1220 | 1 Ibm | 1 Tivoli Management Framework | 2025-04-11 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field. | |||||
| CVE-2012-3329 | 2 Ibm, Linux | 3 Advanced Settings Utility, Bootable Media Creator, Linux Kernel | 2025-04-11 | 3.3 LOW | N/A |
| IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator (BoMC) through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via a symlink attack on a (1) temporary file or (2) log file. | |||||
| CVE-2011-1373 | 1 Ibm | 1 Db2 | 2025-04-11 | 1.5 LOW | N/A |
| Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the Self Tuning Memory Manager (STMM) feature and the AUTOMATIC DATABASE_MEMORY setting are configured, allows local users to cause a denial of service (daemon crash) via unknown vectors. | |||||