Filtered by vendor Ibm
Subscriptions
Total
8213 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2582 | 1 Ibm | 1 Db2 | 2026-04-23 | N/A |
| Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to (1) execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via (2) an invalid LANG parameter or (2) a long packet that generates a "MemTree overflow." | ||||
| CVE-2008-3235 | 1 Ibm | 1 Websphere Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the PropFilePasswordEncoder utility in the Security component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 has unknown impact and attack vectors. | ||||
| CVE-2009-2727 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary code via a long XDR-encoded ASCII string to remote procedure 15. | ||||
| CVE-2007-4353 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root privileges via unspecified vectors involving the (1) chpath, (2) rmpath, and (3) devinstall programs in bos.rte.methods. | ||||
| CVE-2007-4368 | 1 Ibm | 1 Rational Clearquest | 2026-04-23 | N/A |
| SQL injection vulnerability in /main in IBM Rational ClearQuest (CQ) Web 7.0.0.0-IFIX02 and 7.0.0.1 allows remote attackers to execute arbitrary SQL commands via the username parameter in a GenerateMainFrame command. | ||||
| CVE-2008-1708 | 1 Ibm | 1 Soliddb | 2026-04-23 | N/A |
| IBM solidDB 06.00.1018 and earlier does not validate a certain field that specifies an amount of memory to allocate, which allows remote attackers to cause a denial of service (daemon exit) via a packet with a large value in this field. | ||||
| CVE-2008-1718 | 2 Autonomy, Ibm | 2 Keyview, Lotus Notes | 2026-04-23 | N/A |
| Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, as used in IBM Lotus Notes before 8.0, might allow user-assisted remote attackers to execute arbitrary code via an e-mail message with a crafted Text mail (MIME) attachment. | ||||
| CVE-2007-4474 | 1 Ibm | 2 Domino Web Access, Lotus Domino Web Access | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1. | ||||
| CVE-2007-4598 | 1 Ibm | 1 Surepos 500 | 2026-04-23 | N/A |
| IBM SurePOS 500 has (1) a default password of "12345" for the manager and (2) blank default passwords for operator accounts. | ||||
| CVE-2007-4622 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" (TSIG key) command line argument to dig. | ||||
| CVE-2007-4623 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a long parameter to the m command. | ||||
| CVE-2007-4271 | 1 Ibm | 1 Db2 Universal Database | 2026-04-23 | N/A |
| Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. NOTE: this issue might be related to symlink following. | ||||
| CVE-2007-4272 | 1 Ibm | 1 Db2 Universal Database | 2026-04-23 | N/A |
| Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker's umask is honored, (2) /etc/ld.so.preload, (3) certain "cron data file locations", and other unspecified vectors possibly involving the (4) OSSEMEMDBG or (5) TRC_LOG_FILE environment variable in db2licd (db2licm). | ||||
| CVE-2007-4273 | 1 Ibm | 1 Db2 Universal Database | 2026-04-23 | N/A |
| IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment variable in db2licd (db2licm). | ||||
| CVE-2007-4275 | 1 Ibm | 1 Db2 Universal Database | 2026-04-23 | N/A |
| Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to (1) DB2 instance or FMP startup on Linux and Solaris; (2) exec of executables while running as root on non-Windows systems, as demonstrated by AIX; and unspecified vectors involving (3) db2licm and (4) db2pd. | ||||
| CVE-2007-4276 | 1 Ibm | 1 Db2 Universal Database | 2026-04-23 | N/A |
| Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer. | ||||
| CVE-2007-4309 | 1 Ibm | 1 Lotus Notes | 2026-04-23 | N/A |
| IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696. | ||||
| CVE-2008-1597 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| The WPAR system call implementation in the kernel in IBM AIX 6.1 allows local users to cause a denial of service via unknown calls that trigger "undefined behavior." | ||||
| CVE-2008-1596 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block_write function, which might allow local users to modify trusted files, related to missing checks in the TSD_FILES_LOCK policy for modifications performed via hard links, a different vulnerability than CVE-2007-6680. | ||||
| CVE-2008-1595 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| The proc filesystem in the kernel in IBM AIX 5.2 and 5.3 does not properly enforce directory permissions when a file executing from a directory has weaker permissions than the directory itself, which allows local users to obtain sensitive information. | ||||