Filtered by vendor Ibm
Subscriptions
Total
7956 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-5413 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2025-04-11 | N/A |
| IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not invalidate a session upon a logout action, which allows remote attackers to bypass authentication by leveraging an unattended workstation. | ||||
| CVE-2013-5411 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2025-04-11 | N/A |
| IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote attackers to inject links and trigger unintended navigation or actions via unspecified vectors. | ||||
| CVE-2013-5409 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2011-0311 | 2 Ibm, Redhat | 4 Java, Runtimes For Java Technology, Rhel Extras and 1 more | 2025-04-11 | N/A |
| The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read. | ||||
| CVE-2013-5407 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2025-04-11 | N/A |
| IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not properly restrict use of FRAME elements, which allows remote authenticated users to bypass intended access restrictions or obtain sensitive information via a crafted web site, related to a "frame injection" issue. | ||||
| CVE-2013-5406 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, leading to improper interaction with the Windows MHTML protocol handler. | ||||
| CVE-2013-5403 | 1 Ibm | 2 Websphere Datapower Xc10 Appliance, Websphere Datapower Xc10 Appliance Firmware | 2025-04-11 | N/A |
| Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.0 through 2.5.0.1 allows remote attackers to obtain administrative access via unknown vectors. | ||||
| CVE-2013-5395 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | N/A |
| IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote attackers to bypass intended access restrictions via unspecified vectors. | ||||
| CVE-2013-5394 | 1 Ibm | 1 Websphere Extreme Scale | 2025-04-11 | N/A |
| The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to conduct phishing attacks via unspecified vectors. | ||||
| CVE-2010-2594 | 7 Ibm, Intersect Alliance, Linux and 4 more | 14 Aix, Snare Agent, Snare Epilog and 11 more | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5.3 and earlier on Windows, and Snare Epilog 1.2 and earlier on UNIX allow remote attackers to hijack the authentication of administrators for requests that (1) change the password or (2) change the listening port. | ||||
| CVE-2013-5393 | 1 Ibm | 1 Websphere Extreme Scale | 2025-04-11 | N/A |
| The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors. | ||||
| CVE-2013-5390 | 1 Ibm | 1 Websphere Extreme Scale | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-5389 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK2X. | ||||
| CVE-2013-5388 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK5F. | ||||
| CVE-2013-5387 | 1 Ibm | 1 Platform Symphony | 2025-04-11 | N/A |
| Buffer overflow in IBM Platform Symphony 5.2, 6.1, and 6.1.1 allows remote attackers to cause a denial of service (process crash or hang) via a malformed SOAP request with a large amount of request data. | ||||
| CVE-2013-5383 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | N/A |
| IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to gain privileges via unspecified vectors, a different vulnerability than CVE-2013-5382. | ||||
| CVE-2011-0494 | 1 Ibm | 1 Tivoli Access Manager For E-business | 2025-04-11 | N/A |
| Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors. NOTE: this might overlap CVE-2010-4622. | ||||
| CVE-2013-5382 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | N/A |
| IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to gain privileges via unspecified vectors, a different vulnerability than CVE-2013-5383. | ||||
| CVE-2013-5381 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | N/A |
| IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.3 allows remote authenticated users to gain privileges via unspecified vectors. | ||||
| CVE-2013-5380 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | N/A |
| IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows local users to obtain sensitive information via unspecified vectors. | ||||