Filtered by vendor Ibm
Subscribe
Total
7404 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-5391 | 1 Ibm | 2 Mobile Foundation, Worklight | 2024-11-21 | 3.5 LOW | 5.3 MEDIUM |
| IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.x before 6.0.0 Fix Pack 2, and Mobile Foundation Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.0 Fix Pack 2 make it easier for attackers to defeat cryptographic protection mechanisms by leveraging improper initialization of the pseudo random number generator (PRNG) in Android and use of the Java Cryptography Architecture (JCA) by a Worklight program. IBM X-Force ID: 87128. | |||||
| CVE-2013-4040 | 1 Ibm | 1 Tivoli Application Dependency Discovery Manager | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. IBM X-Force ID: 86176. | |||||
| CVE-2013-4035 | 1 Ibm | 1 Sterling Connect | 2024-11-21 | 4.1 MEDIUM | 7.3 HIGH |
| IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote attackers to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and configured for SSL encryption with the client. IBM X-Force ID: 86138. | |||||
| CVE-2013-3323 | 1 Ibm | 13 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 10 more | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthorized access. | |||||
| CVE-2013-3024 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| IBM WebSphere Application Server (WAS) 8.5 through 8.5.0.2 on UNIX allows local users to gain privileges by leveraging improper process initialization. IBM X-Force ID: 84362. | |||||
| CVE-2013-3023 | 1 Ibm | 1 Tivoli Application Dependency Discovery Manager | 2024-11-21 | 4.3 MEDIUM | 8.1 HIGH |
| IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might allow remote attackers to obtain sensitive information about Tomcat credentials by sniffing the network for a session in which HTTP is used. IBM X-Force ID: 84361. | |||||
| CVE-2013-3018 | 1 Ibm | 1 Tivoli Application Dependency Discovery Manager | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 allows remote attackers to obtain sensitive configuration information via a direct request, as demonstrated by happyaxis.jsp. IBM X-Force ID: 84354. | |||||
| CVE-2013-3017 | 1 Ibm | 1 Tivoli Application Dependency Discovery Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Tivoli Application Dependency Discovery Manager (TADDM) before 7.2.1.5 and 7.2.x before 7.2.2 make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging support for weak SSL ciphers. IBM X-Force ID: 84353. | |||||
| CVE-2013-3001 | 1 Ibm | 1 Infosphere Data Replication Dashboard | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to read arbitrary files via unspecified vectors. IBM X-Force ID: 84127. | |||||
| CVE-2013-3000 | 1 Ibm | 1 Infosphere Data Replication Dashboard | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. IBM X-Force ID: 84116. | |||||
| CVE-2013-2999 | 1 Ibm | 1 Infosphere Data Replication Dashboard | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 84115. | |||||
| CVE-2013-2972 | 1 Ibm | 1 Websphere Cast Iron Cloud Integration | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| IBM WebSphere Cast Iron 6.3 allows remote attackers to bypass intended access restrictions via unspecified vectors. IBM X-Force ID: 83868. | |||||
| CVE-2013-2951 | 1 Ibm | 1 Websphere Portal | 2024-11-21 | 2.1 LOW | 7.8 HIGH |
| IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information by reading the file. IBM X-Force ID: 83621. | |||||
| CVE-2013-0594 | 1 Ibm | 1 Inotes | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383. | |||||
| CVE-2013-0592 | 1 Ibm | 1 Inotes | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815. | |||||
| CVE-2013-0589 | 1 Ibm | 1 Inotes | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371. | |||||
| CVE-2013-0570 | 1 Ibm | 12 Flex System Fabric Cn4093, Flex System Fabric En4093, Flex System Si4093 and 9 more | 2024-11-21 | 2.9 LOW | 5.3 MEDIUM |
| The Fibre Channel over Ethernet (FCoE) feature in IBM System Networking and Blade Network Technology (BNT) switches running IBM Networking Operating System (aka NOS, formerly BLADE Operating System) floods data frames with unknown MAC addresses out on all interfaces on the same VLAN, which might allow remote attackers to obtain sensitive information in opportunistic circumstances by eavesdropping on the broadcast domain. IBM X-Force ID: 83166. | |||||
| CVE-2013-0522 | 1 Ibm | 1 Lotus Notes | 2024-11-21 | 1.9 LOW | 7.0 HIGH |
| The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ID: 82531. | |||||
| CVE-2013-0517 | 1 Ibm | 1 Sterling External Authentication Server | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1 via an unspecified OS command, which could let a local malicious user execute arbitrary code. | |||||
| CVE-2013-0507 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| IBM InfoSphere Information Server 8.1, 8.5, 8.7, 9.1 has a Session Fixation Vulnerability | |||||