Filtered by vendor Ibm
Subscriptions
Total
8188 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-34335 | 2 Ibm, Linux | 2 Sterling Partner Engagement Manager, Linux Kernel | 2025-04-08 | 6.5 Medium |
| IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.1 could allow an authenticated user to exhaust server resources which could lead to a denial of service. IBM X-Force ID: 229705. | ||||
| CVE-2022-40615 | 2 Ibm, Linux | 2 Sterling Partner Engagement Manager, Linux Kernel | 2025-04-08 | 6.3 Medium |
| IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 236208. | ||||
| CVE-2023-22875 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2025-04-04 | 8.4 High |
| IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/TLS in the QRadar web user interface to managed hosts in the deployment that do not require that key. IBM X-Force ID: 244356. | ||||
| CVE-2023-22863 | 3 Ibm, Microsoft, Redhat | 5 Robotic Process Automation, Robotic Process Automation As A Service, Robotic Process Automation For Cloud Pak and 2 more | 2025-04-03 | 5.9 Medium |
| IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 244109. | ||||
| CVE-2023-22594 | 3 Ibm, Microsoft, Redhat | 5 Robotic Process Automation, Robotic Process Automation As A Service, Robotic Process Automation For Cloud Pak and 2 more | 2025-04-03 | 4.6 Medium |
| IBM Robotic Process Automation for Cloud Pak 20.12.0 through 21.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244075. | ||||
| CVE-2022-47990 | 1 Ibm | 2 Aix, Vios | 2025-04-03 | 6.2 Medium |
| IBM AIX 7.1, 7.2, 7.3 and VIOS , 3.1 could allow a non-privileged local user to exploit a vulnerability in X11 to cause a buffer overflow that could result in a denial of service or arbitrary code execution. IBM X-Force ID: 243556. | ||||
| CVE-2023-22592 | 2 Ibm, Redhat | 2 Robotic Process Automation For Cloud Pak, Openshift | 2025-04-03 | 4 Medium |
| IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.4 could allow a local user to perform unauthorized actions due to insufficient permission settings. IBM X-Force ID: 244073. | ||||
| CVE-2001-1557 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gain privileges. | ||||
| CVE-2002-0746 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument. | ||||
| CVE-2006-3066 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | N/A |
| Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a connection. | ||||
| CVE-2005-2237 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Format string vulnerability in the swcons command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via long command line arguments. | ||||
| CVE-2005-4867 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | N/A |
| Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter. | ||||
| CVE-2006-0667 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| lscfg in IBM AIX 5.2 and 5.3 allows local users to modify arbitrary files via a symlink attack. | ||||
| CVE-2000-1117 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | N/A |
| The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method. | ||||
| CVE-1999-0627 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. | ||||
| CVE-1999-0628 | 4 Freebsd, Ibm, Linux and 1 more | 4 Freebsd, Aix, Linux Kernel and 1 more | 2025-04-03 | N/A |
| The rwho/rwhod service is running, which exposes machine status and user information. | ||||
| CVE-2002-1012 | 1 Ibm | 1 Tivoli Management Framework | 2025-04-03 | N/A |
| Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2005-4735 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | N/A |
| IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817. | ||||
| CVE-1999-0687 | 4 Cde, Digital, Ibm and 1 more | 5 Cde, Unix, Aix and 2 more | 2025-04-03 | N/A |
| The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. | ||||
| CVE-1999-0111 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| RIP v1 is susceptible to spoofing. | ||||