Filtered by vendor Ibm
Subscribe
Total
8217 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-6068 | 1 Ibm | 1 Urbancode Deploy | 2026-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| IBM UrbanCode Deploy could allow an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties. | |||||
| CVE-2017-1453 | 1 Ibm | 1 Security Access Manager 9.0 Firmware | 2026-05-13 | 9.0 HIGH | 8.8 HIGH |
| IBM Security Access Manager Appliance 9.0.3 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 128372. | |||||
| CVE-2014-9565 | 1 Ibm | 4 En6131, En6131 Firmware, Ib6131 and 1 more | 2026-05-13 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in IBM Flex System EN6131 40Gb Ethernet and IB6131 40Gb Infiniband Switch firmware 3.4.0000 and earlier. | |||||
| CVE-2016-8971 | 1 Ibm | 1 Websphere Mq | 2026-05-13 | 6.8 MEDIUM | 6.5 MEDIUM |
| IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IBM Reference #: 1998663. | |||||
| CVE-2017-1371 | 1 Ibm | 1 Tririga Application Platform | 2026-05-13 | 6.5 MEDIUM | 8.8 HIGH |
| Builder tools running in the IBM TRIRIGA Application Platform 3.3, 3.4, and 3.5 contains a vulnerability that could allow an authenticated user to execute Builder tool actions they do not have access to. IBM X-Force ID: 126864. | |||||
| CVE-2016-6044 | 1 Ibm | 1 Tivoli Storage Manager | 2026-05-13 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Tivoli Storage Manager Operations Center could allow an authenticated attacker to enable or disable the application's REST API, which may let the attacker violate security policy. | |||||
| CVE-2017-1491 | 1 Ibm | 1 Qradar Network Security | 2026-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| IBM QRadar Network Security 5.4 supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. IBM X-Force ID: 128689. | |||||
| CVE-2017-1331 | 1 Ibm | 1 Content Navigator | 2026-05-13 | 3.5 LOW | 5.4 MEDIUM |
| IBM Content Navigator 2.0.3 and 3.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126233. | |||||
| CVE-2016-8982 | 1 Ibm | 1 Infosphere Datastage | 2026-05-13 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM InfoSphere Information Server stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. | |||||
| CVE-2016-9698 | 1 Ibm | 1 Rational Rhapsody Design Manager | 2026-05-13 | 7.5 HIGH | 8.1 HIGH |
| IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 1999960. | |||||
| CVE-2017-1468 | 1 Ibm | 2 Infosphere Information Server, Softlayer | 2026-05-13 | 4.6 MEDIUM | 7.8 HIGH |
| IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories. IBM X-force ID: 128467. | |||||
| CVE-2016-2969 | 1 Ibm | 1 Sametime | 2026-05-13 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Sametime Meeting Server 8.5.2 and 9.0 may send replies that contain emails of people that should not be in these messages. IBM X-Force ID: 113850. | |||||
| CVE-2016-6079 | 1 Ibm | 2 Aix, Vios | 2026-05-13 | 7.2 HIGH | 7.8 HIGH |
| IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053. | |||||
| CVE-2016-5880 | 1 Ibm | 2 Domino, Inotes | 2026-05-13 | 3.5 LOW | 5.4 MEDIUM |
| IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2017-1698 | 1 Ibm | 1 Websphere Portal | 2026-05-13 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could reveal sensitive information from an error message that could lead to further attacks against the system. IBM X-Force ID: 124390. | |||||
| CVE-2017-1441 | 1 Ibm | 1 Emptoris Services Procurement | 2026-05-13 | 2.1 LOW | 5.5 MEDIUM |
| IBM Emptoris Services Procurement 10.0.0.5 could allow a local user to view sensitive information stored locally due to improper access control. IBM X-Force ID: 128106. | |||||
| CVE-2016-5950 | 1 Ibm | 1 Kenexa Lcms Premier | 2026-05-13 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Kenexa LCMS Premier on Cloud stores user credentials in plain in clear text which can be read by an authenticated user. | |||||
| CVE-2017-1245 | 1 Ibm | 1 Rational Software Architect Design Manager | 2026-05-13 | 3.5 LOW | 5.4 MEDIUM |
| IBM Rational Software Architect Design Manager 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124580. | |||||
| CVE-2017-1337 | 1 Ibm | 1 Websphere Mq | 2026-05-13 | 4.3 MEDIUM | 8.1 HIGH |
| IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly transmit user credentials in plain text. IBM X-Force ID: 126245. | |||||
| CVE-2017-1334 | 1 Ibm | 1 Rational Engineering Lifecycle Manager | 2026-05-13 | 3.5 LOW | 5.4 MEDIUM |
| IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126242. | |||||