Filtered by vendor Ibm
Subscriptions
Total
7964 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1027 | 1 Ibm | 1 Db2 | 2025-04-09 | N/A |
| Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users to overwrite arbitrary files via a symlink attack on the DB2DIAG.LOG temporary file. | ||||
| CVE-2007-5544 | 1 Ibm | 2 Lotus Domino, Lotus Notes | 2025-04-09 | 7.8 High |
| IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session. | ||||
| CVE-2007-4272 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | N/A |
| Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker's umask is honored, (2) /etc/ld.so.preload, (3) certain "cron data file locations", and other unspecified vectors possibly involving the (4) OSSEMEMDBG or (5) TRC_LOG_FILE environment variable in db2licd (db2licm). | ||||
| CVE-2009-0879 | 2 Ibm, Microsoft | 2 Director, Windows | 2025-04-09 | N/A |
| The CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to cause a denial of service (daemon crash) via a long consumer name, as demonstrated by an M-POST request to a long /CIMListener/ URI. | ||||
| CVE-2008-0243 | 1 Ibm | 1 Lotus Domino | 2025-04-09 | N/A |
| Unspecified vulnerability in Lotus Domino 7.0.2 before Fix Pack 3 allows attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2008-0354 | 1 Ibm | 1 Lotus Sametime | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the chat client in IBM Lotus Sametime 7.5 and 7.5.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted message, which triggers code execution after a mouseover event initiated by the victim. | ||||
| CVE-2008-0368 | 1 Ibm | 1 Informix Dynamic Server | 2025-04-09 | N/A |
| onedcu in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument. | ||||
| CVE-2008-0495 | 1 Ibm | 1 Hardware Management Console | 2025-04-09 | N/A |
| Unspecified vulnerability in the Pegasus CIM Server in IBM Hardware Management Console (HMC) 7 R3.2.0 allows remote attackers to cause a denial of service via unspecified vectors. | ||||
| CVE-2009-3730 | 1 Ibm | 1 Rational Requisitepro | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the ReqWeb Help feature (aka the Web Client Help system) in IBM Rational RequisitePro 7.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the operation parameter to ReqWebHelp/advanced/workingSet.jsp, or the (2) searchWord, (3) maxHits, (4) scopedSearch, or (5) scope parameter to ReqWebHelp/basic/searchView.jsp. | ||||
| CVE-2008-0509 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cause a denial of service (crash) or possibly gain privileges via a long argument to (1) piox25, related to piox25.c; or (2) piox25remote, related to piox25remote.sh. | ||||
| CVE-2008-5412 | 2 Ibm, Microsoft | 2 Websphere Application Server, Windows | 2025-04-09 | N/A |
| Unspecified vulnerability in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows has unknown impact and attack vectors related to JSPs. NOTE: this is probably a duplicate of CVE-2009-0438. | ||||
| CVE-2008-0584 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| Multiple buffer overflows in bos.rte.control in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) swap, (2) swapoff, and (3) swapon programs. | ||||
| CVE-2008-0585 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| sysmgt.websm.webaccess in IBM AIX 5.2 and 5.3 has world writable permissions for unspecified WebSM Remote Client files, which allows local users to "alter the behavior of" this client by overwriting these files. | ||||
| CVE-2008-0587 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| Buffer overflow in the uspchrp program in devices.chrp.base.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2008-0588 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| Buffer overflow in the utape program in devices.scsi.tape.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2008-0589 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| The ps program in bos.rte.control in IBM AIX 5.2, 5.3, and 6.1 allows local users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2007-5819 | 1 Ibm | 1 Tivoli Continuous Data Protection For Files | 2025-04-09 | N/A |
| IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted write) for the Central Admin Global download directory, which allows local users to place arbitrary files into a location used for updating CDP clients. | ||||
| CVE-2008-0698 | 1 Ibm | 1 Db2 | 2025-04-09 | N/A |
| Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 has unknown attack vectors, and an impact probably involving "invalid memory access." | ||||
| CVE-2008-0694 | 1 Ibm | 1 Os 400 | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the HTTP Server in IBM OS/400 V5R3M0 and V5R4M0 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header. | ||||
| CVE-2008-1595 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| The proc filesystem in the kernel in IBM AIX 5.2 and 5.3 does not properly enforce directory permissions when a file executing from a directory has weaker permissions than the directory itself, which allows local users to obtain sensitive information. | ||||