Filtered by vendor Ibm
Subscriptions
Total
8060 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-2190 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| IBM Global Security Kit (aka GSKit), as used in IBM HTTP Server in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.4, and 8.5.x before 8.5.0.1, allows remote attackers to cause a denial of service (daemon crash) via a crafted ClientHello message in the TLS Handshake Protocol. | ||||
| CVE-2013-0485 | 1 Ibm | 1 Java | 2025-04-11 | N/A |
| Unspecified vulnerability in IBM Java SDK 7 before SR4-FP1, 6 before SR13-FP1, 5.0 before SR16-FP1, and 1.4.2 before SR13-FP16 has unknown impact and attack vectors related to Class Libraries. | ||||
| CVE-2010-3271 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Integrated Solutions Console (aka administrative console) in IBM WebSphere Application Server (WAS) 7.0.0.13 and earlier allow remote attackers to hijack the authentication of administrators for requests that disable certain security options via an Edit action to console/adminSecurityDetail.do followed by a save action to console/syncworkspace.do. | ||||
| CVE-2011-1207 | 1 Ibm | 1 Rational System Architect | 2025-04-11 | N/A |
| The ActiveBar1 ActiveX control in the Data Dynamics ActiveBar ActiveX controls, as distributed in ActBar.ocx 1.0.6.5 in IBM Rational System Architect 11.4.0.2, 11.4.0.1, and earlier, does not properly restrict the SetLayoutData method, which allows remote attackers to execute arbitrary code via a crafted Data argument, a different vulnerability than CVE-2007-3883. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-2433 | 1 Ibm | 1 Websphere Ilog Jrules | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in content/internalError.jsp in IBM WebSphere ILOG JRules 6.7 allow remote attackers to inject arbitrary web script or HTML via an RTS URL to (1) explore/explore.jsp, (2) compose/compose.jsp, or (3) home.jsp in faces/. | ||||
| CVE-2011-3575 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Stack-based buffer overflow in the NSFComputeEvaluateExt function in Nnotes.dll in IBM Lotus Domino 8.5.2 allows remote authenticated users to execute arbitrary code via a long tHPRAgentName parameter in an fmHttpPostRequest OpenForm action to WebAdmin.nsf. | ||||
| CVE-2011-1224 | 1 Ibm | 1 Websphere Mq | 2025-04-11 | N/A |
| IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does not use the CRL Distribution Points (CDP) certificate extension, which might allow man-in-the-middle attackers to spoof an SSL partner via a revoked certificate for a (1) client, (2) queue manager, or (3) application. | ||||
| CVE-2011-0314 | 1 Ibm | 1 Websphere Mq | 2025-04-11 | N/A |
| Heap-based buffer overflow in IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 allows remote authenticated users to execute arbitrary code or cause a denial of service (queue manager crash) by inserting an invalid message into the queue. | ||||
| CVE-2013-5447 | 1 Ibm | 1 Forms Viewer | 2025-04-11 | N/A |
| Stack-based buffer overflow in IBM Forms Viewer 4.x before 4.0.0.3 and 8.x before 8.0.1.1 allows remote attackers to execute arbitrary code via an XFDL form with a long fontname value. | ||||
| CVE-2013-0600 | 1 Ibm | 2 Websphere Datapower Xc10 Appliance, Websphere Datapower Xc10 Appliance Firmware | 2025-04-11 | N/A |
| Unspecified vulnerability on IBM WebSphere DataPower XC10 Appliance devices 2.0 and 2.1 through 2.1 FP3 allows remote attackers to bypass authentication and perform administrative actions via unknown vectors. | ||||
| CVE-2011-4890 | 1 Ibm | 1 Soliddb | 2025-04-11 | N/A |
| The server in IBM solidDB 6.5 before FP9 and 7.0 before FP1 allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a ROWNUM condition involving a subquery. | ||||
| CVE-2013-4061 | 1 Ibm | 1 Rational Policy Tester | 2025-04-11 | N/A |
| IBM Rational Policy Tester 8.5 before 8.5.0.5 does not properly check authorization for changes to the set of authentication hosts, which allows remote authenticated users to perform spoofing attacks involving an HTTP redirect via unspecified vectors. | ||||
| CVE-2010-0782 | 1 Ibm | 1 Websphere Mq | 2025-04-11 | N/A |
| IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3 allows remote attackers to spoof X.509 certificate authentication, and send or receive channel messages, via a crafted Subject Distinguished Name (DN) value in a certificate. | ||||
| CVE-2013-0487 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| The Java Console in IBM Domino 8.5.x allows remote authenticated users to hijack temporary credentials by leveraging knowledge of configuration details, aka SPR KLYH8TNNDN. | ||||
| CVE-2014-0830 | 1 Ibm | 1 Financial Transaction Manager | 2025-04-11 | N/A |
| Directory traversal vulnerability in the table-export implementation in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 and 2.1 before 2.1.0.1 allows remote authenticated users to read arbitrary files via a modified pathname. | ||||
| CVE-2013-0593 | 1 Ibm | 1 Spss Samplepower | 2025-04-11 | N/A |
| Unspecified vulnerability in the olch2x32 ActiveX control in IBM SPSS SamplePower 3.0 before 3.0-IM-S3SAMPC-WIN32-FP001 allows remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2013-2979 | 1 Ibm | 2 Infosphere Optim Performance Manager, Optim Performance Manager | 2025-04-11 | N/A |
| Directory traversal vulnerability in IBM Optim Performance Manager 4.1.1 and IBM InfoSphere Optim Performance Manager 5.x before 5.2 allows remote authenticated users to read arbitrary files via a crafted URL. | ||||
| CVE-2008-7290 | 1 Ibm | 1 Tivoli Directory Server | 2025-04-11 | N/A |
| Memory leak in the ldap_explode_rdn API function in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 allows remote authenticated users to cause a denial of service (memory consumption) by making many function calls. | ||||
| CVE-2012-0201 | 1 Ibm | 1 Personal Communications | 2025-04-11 | N/A |
| Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM Personal Communications 5.9.x before 5.9.8 and 6.0.x before 6.0.4 might allow remote attackers to execute arbitrary code via a long profile string in a WorkStation (aka .ws) file. | ||||
| CVE-2012-2176 | 1 Ibm | 1 Lotus Quickr | 2025-04-11 | N/A |
| Multiple stack-based buffer overflows in a certain ActiveX control in qp2.cab in IBM Lotus Quickr 8.2 before 8.2.0.27-002a for Domino allow remote attackers to execute arbitrary code via a long argument to the (1) Attachment_Times or (2) Import_Times method. | ||||