Filtered by vendor Ibm
Subscribe
Total
8131 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-1315 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | 5.0 MEDIUM | N/A |
| Memory leak in the messaging engine in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) via network connections associated with a NULL return value from a synchronous JMS receive call. | |||||
| CVE-2012-3334 | 1 Ibm | 1 Informix Dynamic Server | 2025-04-11 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 11.50 before 11.50.xC9W2 and 11.70 before 11.70.xC5 allows remote authenticated users to execute arbitrary code via crafted arguments in a SET COLLATION statement. | |||||
| CVE-2013-5440 | 1 Ibm | 1 Infosphere Information Server | 2025-04-11 | 2.1 LOW | N/A |
| IBM InfoSphere Information Server 8.0, 8.1, 8.5, 8.7, and 9.1 allows local users to obtain sensitive information in opportunistic circumstances by leveraging the presence of file content after a failed installation. | |||||
| CVE-2013-2968 | 1 Ibm | 1 Sterling Control Center | 2025-04-11 | 6.3 MEDIUM | N/A |
| An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters. | |||||
| CVE-2010-1487 | 1 Ibm | 1 Lotus Notes | 2025-04-11 | 2.1 LOW | N/A |
| IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG. | |||||
| CVE-2011-0920 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | 9.3 HIGH | N/A |
| The Remote Console in IBM Lotus Domino, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and execute arbitrary code via unspecified vectors, aka SPR PRAD89WGRS. | |||||
| CVE-2013-2980 | 1 Ibm | 1 Data Studio | 2025-04-11 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1.1 allows remote attackers to hijack the authentication of arbitrary users for requests that access monitored database information. | |||||
| CVE-2013-5457 | 1 Ibm | 1 Java | 2025-04-11 | 9.3 HIGH | N/A |
| Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-4817 | 1 Ibm | 2 Aix, Vios | 2025-04-11 | 5.0 MEDIUM | N/A |
| The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2009-5032 | 1 Ibm | 1 Lotus Notes Traveler | 2025-04-11 | 5.8 MEDIUM | N/A |
| The encrypted e-mail feature in IBM Lotus Notes Traveler before 8.5.0.2 sends unencrypted messages when the feature is used without uploading a Notes ID file, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. | |||||
| CVE-2013-3027 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | 9.3 HIGH | N/A |
| Integer overflow in the DWA9W ActiveX control in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to execute arbitrary code via a crafted web page, aka SPR PTHN97XHFW. | |||||
| CVE-2013-5389 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK2X. | |||||
| CVE-2010-4592 | 1 Ibm | 1 Lotus Mobile Connect | 2025-04-11 | 4.3 MEDIUM | N/A |
| The Mobile Network Connections functionality in the Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly handle failed attempts at establishing HTTP-TCP sessions, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) by making many TCP connection attempts. | |||||
| CVE-2012-1796 | 4 Hp, Ibm, Linux and 1 more | 5 Hp-ux, Aix, Db2 and 2 more | 2025-04-11 | 7.2 HIGH | N/A |
| Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as used in IBM DB2 9.5 before FP9 on UNIX, allows local users to gain privileges via unknown vectors. | |||||
| CVE-2008-7274 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | 4.3 MEDIUM | N/A |
| IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by (1) not providing a password or (2) providing an empty password. | |||||
| CVE-2011-2680 | 1 Ibm | 1 Rational Doors Web Access | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 has unknown impact and remote attack vectors related to the "server error response." | |||||
| CVE-2011-2887 | 2 Ibm, Linux | 2 Lotus Symphony, Linux Kernel | 2025-04-11 | 4.3 MEDIUM | N/A |
| IBM Lotus Symphony 3 before FP3 on Linux allows remote attackers to cause a denial of service (application crash) via a certain sample document. | |||||
| CVE-2009-5035 | 1 Ibm | 1 Lotus Notes Traveler | 2025-04-11 | 4.3 MEDIUM | N/A |
| The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle multiple outgoing e-mail messages between sync operations, which might allow remote attackers to read communications intended for other recipients by examining appended messages. | |||||
| CVE-2011-1038 | 1 Ibm | 1 Lotus Sametime | 2025-04-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO. | |||||
| CVE-2010-4785 | 4 Ibm, Linux, Microsoft and 1 more | 4 Tivoli Directory Server, Linux Kernel, Windows and 1 more | 2025-04-11 | 4.0 MEDIUM | N/A |
| The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) on Linux, Solaris, and Windows allows remote authenticated users to cause a denial of service (ABEND) via a malformed LDAP extended operation that triggers certain comparisons involving the NULL operation OID. | |||||