Filtered by vendor Ibm
Subscribe
Total
8223 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5323 | 1 Ibm | 1 Websphere Application Server | 2026-04-23 | 10.0 HIGH | N/A |
| Unspecified vulnerability in IBM WebSphere Application Server before 6.1.0.2 has unspecified impact and attack vectors, related to a "possible security exposure," aka PK29360. | |||||
| CVE-2007-0978 | 1 Ibm | 1 Aix | 2026-04-23 | 7.2 HIGH | N/A |
| Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data. | |||||
| CVE-2008-4404 | 1 Ibm | 1 Zseries | 2026-04-23 | 10.0 HIGH | N/A |
| The IPv6 Neighbor Discovery Protocol (NDP) implementation on IBM zSeries servers does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB), a related issue to CVE-2008-2476. | |||||
| CVE-2009-0436 | 1 Ibm | 1 Websphere Application Server | 2026-04-23 | 7.2 HIGH | N/A |
| The (1) mod_ibm_ssl and (2) mod_cgid modules in IBM HTTP Server 6.0.x before 6.0.2.31 and 6.1.x before 6.1.0.19, as used in WebSphere Application Server (WAS), set incorrect permissions for AF_UNIX sockets, which has unknown impact and local attack vectors. | |||||
| CVE-2007-4623 | 1 Ibm | 1 Aix | 2026-04-23 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a long parameter to the m command. | |||||
| CVE-2009-4335 | 1 Ibm | 1 Db2 | 2026-04-23 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in bundled stored procedures in the Spatial Extender component in IBM DB2 9.5 before FP5 have unknown impact and remote attack vectors, related to "remote exploits." | |||||
| CVE-2007-4354 | 1 Ibm | 1 Aix | 2026-04-23 | 7.2 HIGH | N/A |
| Buffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2010-0312 | 2 Ibm, Linux | 2 Tivoli Directory Server, Linux Kernel | 2026-04-23 | 5.0 MEDIUM | N/A |
| The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.2 on Linux allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SecureWay 3.2 Event Registration Request (aka a 1.3.18.0.2.12.1 request). | |||||
| CVE-2007-4276 | 1 Ibm | 1 Db2 Universal Database | 2026-04-23 | 6.9 MEDIUM | N/A |
| Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer. | |||||
| CVE-2007-4622 | 1 Ibm | 1 Aix | 2026-04-23 | 7.2 HIGH | N/A |
| Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" (TSIG key) command line argument to dig. | |||||
| CVE-2008-0369 | 1 Ibm | 1 Informix Dynamic Server | 2026-04-23 | 6.9 MEDIUM | N/A |
| Multiple unspecified programs in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allow local users to create arbitrary files by specifying the target file in the SQLIDEBUG environment variable, whose ownership is changed to the user invoking the programs. | |||||
| CVE-2008-2499 | 1 Ibm | 1 Lotus Sametime | 2026-04-23 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the Community Services Multiplexer (aka MUX or StMux.exe) in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL. | |||||
| CVE-2009-2667 | 1 Ibm | 1 Tklm | 2026-04-23 | 10.0 HIGH | N/A |
| Unspecified vulnerability in IBM Tivoli Key Lifecycle Manager (TKLM) 1.0 has unknown impact and attack vectors, related to a "password security vulnerability." | |||||
| CVE-2007-3232 | 1 Ibm | 1 Totalstorage Ds400 | 2026-04-23 | 10.0 HIGH | N/A |
| The IBM TotalStorage DS400 with firmware 4.15 uses a blank password for the (1) root, (2) user, (3) manager, (4) administrator, and (5) operator accounts, which allows remote attackers to gain login access via certain Linux daemons, including a telnet daemon on a nonstandard port, tcp/6000. | |||||
| CVE-2006-6537 | 1 Ibm | 1 Websphere Host On-demand | 2026-04-23 | 7.5 HIGH | N/A |
| IBM WebSphere Host On-Demand 6.0, 7.0, 8.0, 9.0, and possibly 10, allows remote attackers to bypass authentication via a modified pnl parameter, related to hod/HODAdmin.html and hod/frameset.html. | |||||
| CVE-2008-0354 | 1 Ibm | 1 Lotus Sametime | 2026-04-23 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the chat client in IBM Lotus Sametime 7.5 and 7.5.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted message, which triggers code execution after a mouseover event initiated by the victim. | |||||
| CVE-2008-2709 | 1 Ibm | 1 Os 400 | 2026-04-23 | 4.7 MEDIUM | N/A |
| Buffer overflow in the BrSmRcvAndCheck function in the RCHMGR module on IBM OS/400 V5R4M0, V5R4M5, and V6R1M0 allows local users to cause a denial of service (task halt and main storage dump) via unspecified vectors involving the running of diagnostics on a modem port. NOTE: there might be limited attack scenarios. | |||||
| CVE-2007-4238 | 1 Ibm | 1 Aix | 2026-04-23 | 6.9 MEDIUM | N/A |
| AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, which allows local users with bin or possibly printq privileges to gain root privileges by modifying pioinit. | |||||
| CVE-2009-1901 | 1 Ibm | 1 Websphere Application Server | 2026-04-23 | 10.0 HIGH | N/A |
| The Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35 permits "non-standard http methods," which has unknown impact and remote attack vectors. | |||||
| CVE-2006-5663 | 1 Ibm | 3 Informix Client Sdk, Informix Dynamic Server, Informix I-connect | 2026-04-23 | 4.6 MEDIUM | N/A |
| IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts. | |||||