Filtered by vendor Ibm
Subscriptions
Total
8060 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4228 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| rmpvc on IBM AIX 4.3 allows local users to cause a denial of service (system crash) via long port logical name (-l) argument. | ||||
| CVE-2007-4276 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | N/A |
| Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer. | ||||
| CVE-2007-4592 | 1 Ibm | 1 Rational Clearquest | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the web interface for IBM Rational ClearQuest before 2003.06.16 Patch 2008A, 7.0.0.2_iFix01, and 7.0.1.1_iFix01 allow remote attackers to inject arbitrary web script or HTML via the (1) contextid, (2) username, (3) userNameVal, and (4) schema parameters to the login component. | ||||
| CVE-2007-4791 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2005-3504 and CVE-2007-0978. | ||||
| CVE-2007-4792 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2007-4793 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2007-5910 | 4 Activepdf, Autonomy, Ibm and 1 more | 6 Docconverter, Keyview Export Sdk, Keyview Filter Sdk and 3 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file. | ||||
| CVE-2007-6219 | 1 Ibm | 1 Tivoli Netcool Security Manager | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool Security Manager 1.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-6305 | 3 Ibm, Linux, Unix | 3 Hardware Management Console, Linux Kernel, Unix | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 7 R3.2.0 allow attackers to gain privileges via "some HMC commands." | ||||
| CVE-2007-6525 | 1 Ibm | 1 Db2 Content Manager Toolkit | 2025-04-09 | N/A |
| Unspecified vulnerability in eClient in IBM DB2 Content Manager (CM) Toolkit 8.3 before fix pack 7 for z/OS has unknown impact and attack vectors, related to "scripting." | ||||
| CVE-2008-0354 | 1 Ibm | 1 Lotus Sametime | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the chat client in IBM Lotus Sametime 7.5 and 7.5.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted message, which triggers code execution after a mouseover event initiated by the victim. | ||||
| CVE-2008-0717 | 1 Ibm | 1 Websphere Edge Server | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in Caching Proxy (CP) 5.1 through 6.1 in IBM WebSphere Edge Server, when CGI mapping rules are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger injection into an error response. | ||||
| CVE-2006-6135 | 1 Ibm | 1 Websphere Application Server | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) have unknown impact and attack vectors, related to (1) a "Potential security vulnerability" (PK29725) and (2) "Potential security exposure" (PK30831). | ||||
| CVE-2008-0861 | 1 Ibm | 1 Lotus Quickplace | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in leg/Main.nsf in IBM Lotus Quickplace 7.0 allows remote attackers to inject arbitrary web script or HTML via an h_SearchString sub-parameter in the PreSetFields parameter of an EditDocument action. | ||||
| CVE-2008-0862 | 1 Ibm | 1 Lotus Notes | 2025-04-09 | N/A |
| IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a user forwards an email message to another user, which allows user-assisted remote attackers to bypass Execution Control List (ECL) protection. | ||||
| CVE-2008-1217 | 1 Ibm | 1 Lotus Notes | 2025-04-09 | N/A |
| Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH, and 8.0.x before 8.0.1 allows remote attackers to execute arbitrary code via a crafted attachment in an e-mail message sent over SMTP, a variant of CVE-2007-6706. | ||||
| CVE-2008-1287 | 1 Ibm | 1 Rational Clearquest | 2025-04-09 | N/A |
| IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames. | ||||
| CVE-2008-1718 | 2 Autonomy, Ibm | 2 Keyview, Lotus Notes | 2025-04-09 | N/A |
| Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, as used in IBM Lotus Notes before 8.0, might allow user-assisted remote attackers to execute arbitrary code via an e-mail message with a crafted Text mail (MIME) attachment. | ||||
| CVE-2008-2163 | 2 Ibm, Microsoft | 4 Aix, I5os, Lotus Quickr and 1 more | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Lotus Quickr 8.1 before Hotfix 5 for Windows and AIX, and before Hotfix 3 for i5/OS, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to "WYSIWYG editors." | ||||
| CVE-2008-2499 | 1 Ibm | 1 Lotus Sametime | 2025-04-09 | N/A |
| Stack-based buffer overflow in the Community Services Multiplexer (aka MUX or StMux.exe) in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL. | ||||