Filtered by vendor Ibm
Subscriptions
Total
7953 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-0704 | 1 Ibm | 1 Websphere Portal | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Portlet Palette in IBM WebSphere Portal 6.0.1.5 wp6015_008_01 allows remote attackers to inject arbitrary web script or HTML via the search field. | ||||
| CVE-2010-4594 | 1 Ibm | 1 Lotus Mobile Connect | 2025-04-11 | N/A |
| The Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly process TCP connection requests, which allows remote attackers to cause a denial of service (memory consumption and HTTP-AS hang) by making many connection requests that trigger "queue size delta errors," related to a "timing hole" issue. | ||||
| CVE-2013-5372 | 2 Ibm, Redhat | 3 Websphere Message Broker, Network Satellite, Rhel Extras | 2025-04-11 | N/A |
| The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.7, and 8.0 before 8.0.0.4 and IBM Integration Bus 9.0 before 9.0.0.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document that triggers expansion for many entities. | ||||
| CVE-2010-4604 | 2 Ibm, Linux | 2 Tivoli Storage Manager, Linux Kernel | 2025-04-11 | N/A |
| Stack-based buffer overflow in the GeneratePassword function in dsmtca (aka the Trusted Communications Agent or TCA) in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.2.10, and 6.1.x before 6.1.3.1 on Unix and Linux allows local users to gain privileges by specifying a long LANG environment variable, and then sending a request over a pipe. | ||||
| CVE-2010-0563 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| The Single Sign-on (SSO) functionality in IBM WebSphere Application Server (WAS) 7.0.0.0 through 7.0.0.8 does not recognize the Requires SSL configuration option, which might allow remote attackers to obtain sensitive information by sniffing network sessions that were expected to be encrypted. | ||||
| CVE-2013-5400 | 1 Ibm | 1 Platform Symphony | 2025-04-11 | N/A |
| An unspecified servlet in IBM Platform Symphony Developer Edition (DE) 5.2 and 6.1.x through 6.1.1 has hardcoded credentials, which allows remote attackers to bypass authentication and obtain "local environment" access via unknown vectors. | ||||
| CVE-2010-4590 | 1 Ibm | 1 Lotus Mobile Connect | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HTTP Access Services (HTTP-AS) in the Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-0472 | 1 Ibm | 1 Db2 | 2025-04-11 | N/A |
| kuddb2 in Tivoli Monitoring for DB2, as distributed in IBM DB2 9.7 FP1 on Linux, allows remote attackers to cause a denial of service (daemon crash) via a certain byte sequence. | ||||
| CVE-2010-4591 | 1 Ibm | 1 Lotus Mobile Connect | 2025-04-11 | N/A |
| The Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not delete LTPA tokens in response to use of the iNotes Logoff button, which might allow physically proximate attackers to obtain access via an unattended client, related to a cookie domain mismatch. | ||||
| CVE-2010-4601 | 1 Ibm | 1 Rational Clearquest | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 allow attackers to have an unknown impact via vectors related to third-party .ocx files. | ||||
| CVE-2010-0462 | 1 Ibm | 1 Db2 | 2025-04-11 | N/A |
| Heap-based buffer overflow in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows remote authenticated users to have an unspecified impact via a SELECT statement that has a long column name generated with the REPEAT function. | ||||
| CVE-2012-0198 | 1 Ibm | 1 Tivoli Provisioning Manager Express For Software Distribution | 2025-04-11 | N/A |
| Stack-based buffer overflow in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allows remote attackers to execute arbitrary code via vectors related to an Asset Information file. | ||||
| CVE-2010-0358 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Heap-based buffer overflow in the server in IBM Lotus Domino 7 and 8.5 FP1 allows remote attackers to cause a denial of service (daemon exit) and possibly have unspecified other impact via a long string in a crafted LDAP message to a TCP port, a different vulnerability than CVE-2009-3087. | ||||
| CVE-2010-0357 | 1 Ibm | 1 Lotus Web Content Management | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Login page in IBM Lotus Web Content Management (WCM) 6.0.1.4, 6.0.1.5, and 6.0.1.6 before iFix 32; and 6.1.0.1 and 6.1.0.2 before iFix 24; for WebSphere Portal allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | ||||
| CVE-2010-4589 | 1 Ibm | 1 Enovia | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM ENOVIA 6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the emxFramework.FilterParameterPattern property. | ||||
| CVE-2011-5065 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41 allows remote attackers to inject arbitrary web script or HTML via vectors related to web messaging. | ||||
| CVE-2010-4602 | 1 Ibm | 1 Rational Clearquest | 2025-04-11 | N/A |
| The Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1 allows remote authenticated users to bypass "restricted user" limitations, and read arbitrary records, via a modified record number in the URL for a RECORD action, as demonstrated by a modified bookmark. | ||||
| CVE-2010-4787 | 1 Ibm | 1 Tivoli Directory Server | 2025-04-11 | N/A |
| IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV-ITDS-IF0005) allows remote authenticated users to cause a denial of service (daemon hang) via a paged search that triggers improper mutex processing. | ||||
| CVE-2010-0155 | 1 Ibm | 2 Proventia Network Mail Security System Virtual Appliance, Proventia Network Mail Security System Virtual Appliance Firmware | 2025-04-11 | N/A |
| CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the javaVersion parameter. | ||||
| CVE-2010-0154 | 1 Ibm | 2 Proventia Network Mail Security System Virtual Appliance, Proventia Network Mail Security System Virtual Appliance Firmware | 2025-04-11 | N/A |
| Directory traversal vulnerability in sla/index.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the l parameter, related to an "Insecure Direct Object Reference vulnerability." | ||||