Filtered by vendor Ibm
Subscribe
Total
8031 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3090 | 2 Ibm, Linux | 2 Tivoli Directory Server, Linux Kernel | 2025-04-09 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in IBM Tivoli Directory Server (TDS) 6.0 on Linux allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2008-3423 | 1 Ibm | 1 Websphere Portal | 2025-04-09 | 7.5 HIGH | N/A |
| IBM WebSphere Portal 5.1 through 6.1.0.0 allows remote attackers to bypass authentication and obtain administrative access via unspecified vectors. | |||||
| CVE-2008-5387 | 1 Ibm | 1 Aix | 2025-04-09 | 6.2 MEDIUM | N/A |
| Buffer overflow in autoconf6 in IBM AIX 6.1.0 through 6.1.2, when Role-Based Access Control is enabled, allows local users with aix.network.config.tcpip authorization to gain privileges via unspecified vectors. | |||||
| CVE-2008-1708 | 1 Ibm | 1 Soliddb | 2025-04-09 | 4.3 MEDIUM | N/A |
| IBM solidDB 06.00.1018 and earlier does not validate a certain field that specifies an amount of memory to allocate, which allows remote attackers to cause a denial of service (daemon exit) via a packet with a large value in this field. | |||||
| CVE-2009-4438 | 1 Ibm | 1 Db2 | 2025-04-09 | 6.5 MEDIUM | N/A |
| The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a (1) sequence or (2) global-variable object, which allows remote authenticated users to make use of data via unspecified vectors. | |||||
| CVE-2008-5411 | 1 Ibm | 1 Websphere Application Server | 2025-04-09 | 5.0 MEDIUM | N/A |
| IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 sends SSL traffic over "unsecured TCP," which makes it easier for remote attackers to obtain sensitive information by sniffing the network. | |||||
| CVE-2009-1173 | 1 Ibm | 1 Websphere Application Server | 2025-04-09 | 2.1 LOW | N/A |
| IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak permissions (777) for files associated with unspecified "interim fixes," which allows attackers to modify files that would not have been accessible if the intended 755 permissions were used. | |||||
| CVE-2007-1916 | 8 Apple, Hp, Ibm and 5 more | 11 Macos, Hp-ux, Tru64 and 8 more | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. | |||||
| CVE-2007-5664 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | 6.9 MEDIUM | N/A |
| db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization. | |||||
| CVE-2007-3626 | 3 Hitachi, Ibm, Sun | 7 Cosminexus Application Server, Cosminexus Tpbroker, Tpbroker and 4 more | 2025-04-09 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the ADM daemon in Hitachi TPBroker before 20070706 allows remote attackers to cause a denial of service (daemon crash) via a certain request. | |||||
| CVE-2004-2762 | 1 Ibm | 2 Mvs, Tivoli Storage Manager | 2025-04-09 | 4.3 MEDIUM | N/A |
| The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1. | |||||
| CVE-2007-4275 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | 6.9 MEDIUM | N/A |
| Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to (1) DB2 instance or FMP startup on Linux and Solaris; (2) exec of executables while running as root on non-Windows systems, as demonstrated by AIX; and unspecified vectors involving (3) db2licm and (4) db2pd. | |||||
| CVE-2008-4111 | 1 Ibm | 1 Websphere Application Server | 2025-04-09 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 and 6.1 before 6.1.0.19, when the FileServing feature is enabled, has unknown impact and attack vectors. | |||||
| CVE-2008-1101 | 2 Autonomy, Ibm | 2 Keyview, Lotus Notes | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML document. | |||||
| CVE-2009-2092 | 1 Ibm | 1 Websphere Application Server | 2025-04-09 | 7.5 HIGH | N/A |
| IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.5 does not properly read the portletServingEnabled parameter in ibm-portlet-ext.xmi, which allows remote attackers to bypass intended access restrictions via unknown vectors. | |||||
| CVE-2009-0536 | 1 Ibm | 1 Aix | 2025-04-09 | 4.9 MEDIUM | N/A |
| at in bos.rte.cron on IBM AIX 5.2.0, 5.3.0 through 5.3.9, and 6.1.0 through 6.1.2 allows local users to read arbitrary files via unspecified vectors, related to failure to drop root privileges. | |||||
| CVE-2007-6679 | 1 Ibm | 1 Websphere Application Server | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Administrative Console in IBM WebSphere Application Server 6.1 before Fix Pack 13 has unknown impact and attack vectors, related to "security concerns with monitor role users." NOTE: it was later reported that 6.0.2 before Fix Pack 25 is also affected. | |||||
| CVE-2009-4152 | 1 Ibm | 1 Websphere Portal | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Collaboration component in IBM WebSphere Portal 6.1.x before 6.1.0.3 allows remote attackers to inject arbitrary web script or HTML via the people picker tag. | |||||
| CVE-2009-0906 | 1 Ibm | 1 Websphere Application Server | 2025-04-09 | 6.5 MEDIUM | N/A |
| The Service Component Architecture (SCA) feature pack for IBM WebSphere Application Server (WAS) SCA 1.0 before 1.0.0.3 allows remote authenticated users to bypass intended authentication.transport access restrictions and obtain unspecified access via unknown vectors. | |||||
| CVE-2007-6295 | 1 Ibm | 1 Lotus Sametime | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the WebRunMenuFrame page in the online meeting center template in IBM Lotus Sametime before 8.0 allows remote attackers to inject arbitrary web script or HTML via the URI. | |||||