Filtered by vendor Ibm
Subscriptions
Total
8188 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1121 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| The default configuration for UUCP in AIX before 3.2 allows local users to gain root privileges. | ||||
| CVE-2000-0873 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities. | ||||
| CVE-1999-1075 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1, which are not properly closed by inetd. | ||||
| CVE-2002-2014 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | N/A |
| Lotus Domino 5.0.8 web server returns different error messages when a valid or invalid user is provided in HTTP requests, which allows remote attackers to determine valid user names and makes it easier to conduct brute force attacks. | ||||
| CVE-1999-1583 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument. | ||||
| CVE-1999-0693 | 3 Hp, Ibm, Sco | 3 Hp-ux, Aix, Unixware | 2025-04-03 | N/A |
| Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges. | ||||
| CVE-2005-3498 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | N/A |
| IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x before 5.1.1.8, and 6.x before fixpack V6.0.2.5, when session trace is enabled, records a full URL including the queryString in the trace logs when an application encodes a URL, which could allow attackers to obtain sensitive information. | ||||
| CVE-2005-2712 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | N/A |
| The LDAP server (nldap.exe) in IBM Lotus Domino before 7.0.1, 6.5.5, and 6.5.4 FP2 allows remote attackers to cause a denial of service (crash) via a long bind request, which triggers a null dereference. | ||||
| CVE-2005-3568 | 1 Ibm | 1 Db2 Content Manager | 2025-04-03 | N/A |
| db2fmp process in IBM DB2 Content Manager before 8.2 Fix Pack 10 allows local users to cause a denial of service (CPU consumption) by importing a corrupted Microsoft Excel file, aka "CORRUPTED EXEL FILE WILL CAUSE TEXT SEARCH PROCESS LOOPING." | ||||
| CVE-2022-39167 | 1 Ibm | 1 Spectrum Virtualize | 2025-04-02 | 5.9 Medium |
| IBM Spectrum Virtualize 8.5, 8.4, 8.3, 8.2, and 7.8, under certain configurations, could disclose sensitive information to an attacker using man-in-the-middle techniques. IBM X-Force ID: 235408. | ||||
| CVE-2021-39011 | 2 Ibm, Linux | 2 Cloud Pak For Security, Linux Kernel | 2025-04-02 | 4.2 Medium |
| IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 stores potentially sensitive information in log files that could be read by a privileged user. IBM X-Force ID: 213645. | ||||
| CVE-2022-41733 | 3 Ibm, Linux, Microsoft | 3 Infosphere Information Server, Linux Kernel, Windows | 2025-04-01 | 5.3 Medium |
| IBM InfoSphere Information Server 11.7 could allow a remote attacked to cause some of the components to be unusable until the process is restarted. IBM X-Force ID: 237583. | ||||
| CVE-2023-27545 | 1 Ibm | 1 Cloud Pak For Data | 2025-04-01 | 4 Medium |
| IBM Watson CloudPak for Data Data Stores information disclosure 4.6.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 248947. | ||||
| CVE-2021-39089 | 2 Ibm, Linux | 2 Cloud Pak For Security, Linux Kernel | 2025-03-31 | 4.3 Medium |
| IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request. IBM X-Force ID: 216387. | ||||
| CVE-2022-22462 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2025-03-31 | 3.7 Low |
| IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225078. | ||||
| CVE-2022-43864 | 1 Ibm | 2 Business Automation Workflow, Business Monitor | 2025-03-31 | 7.5 High |
| IBM Business Automation Workflow 22.0.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 239427. | ||||
| CVE-2022-43917 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2025-03-31 | 5.9 Medium |
| IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. This affects only the containerized version of WebSphere Application Server traditional. IBM X-Force ID: 241045. | ||||
| CVE-2024-22344 | 1 Ibm | 2 Txseries For Multiplatform, Txseries For Multiplatforms | 2025-03-28 | 6.1 Medium |
| IBM TXSeries for Multiplatforms 8.2 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 280191. | ||||
| CVE-2024-51456 | 2 Ibm, Microsoft | 2 Robotic Process Automation, Windows | 2025-03-28 | 5.9 Medium |
| IBM Robotic Process Automation 21.0.0 through 21.0.7.19 and 23.0.0 through 23.0.19 could allow a remote attacker to obtain sensitive data that may be exposed through certain crypto-analytic attacks. | ||||
| CVE-2024-54181 | 2 Ibm, Linux | 2 Websphere Automation, Linux Kernel | 2025-03-28 | 7.2 High |
| IBM WebSphere Automation 1.7.5 could allow a remote privileged user, who has authorized access to the swagger UI, to execute arbitrary code. Using specially crafted input, the user could exploit this vulnerability to execute arbitrary code on the system. | ||||