Filtered by vendor Ibm
Subscribe
Total
8096 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1624 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Buffer overflow in Lotus Domino web server before R5.0.10, when logging to DOMLOG.NSF, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP Authenticate header containing certain non-ASCII characters.
|
|||||
| CVE-1999-1546 | 1 Ibm | 1 Navio Nc Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
|
netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on IBM AIX exports /tmp over NFS as world-readable and world-writable.
|
|||||
| CVE-2003-1050 | 1 Ibm | 1 Db2 | 2025-04-03 | 7.2 HIGH | N/A |
|
Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via long command line arguments to (1) db2start, (2) db2stop, or (3) db2govd.
|
|||||
| CVE-2006-0580 | 1 Ibm | 1 Lotus Domino Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
IBM Lotus Domino Server 7.0 allows remote attackers to cause a denial of service (segmentation fault) via a crafted packet to the LDAP port (389/TCP).
|
|||||
| CVE-2005-4735 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 6.8 MEDIUM | N/A |
|
IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817.
|
|||||
| CVE-1999-0046 | 10 Bsdi, Debian, Digital and 7 more | 10 Bsd Os, Debian Linux, Ultrix and 7 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow of rlogin program using TERM environmental variable.
|
|||||
| CVE-2001-1312 | 1 Ibm | 1 Lotus Domino R5 | 2025-04-03 | 7.5 HIGH | N/A |
|
Format string vulnerabilities in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
|
|||||
| CVE-2005-0425 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unknown vulnerability in IBM Websphere Application Server 5.0, 5.1, and 6.0 when running on Windows, allows remote attackers to obtain the source code for Java Server Pages (.jsp) via a crafted URL that causes the page to be processed by the file serving servlet instead of the JSP engine.
|
|||||
| CVE-1999-0113 | 1 Ibm | 1 Aix | 2025-04-03 | 10.0 HIGH | N/A |
|
Some implementations of rlogin allow root access if given a -froot parameter.
|
|||||
| CVE-1999-0024 | 6 Bsdi, Ibm, Isc and 3 more | 12 Bsd Os, Aix, Bind and 9 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
DNS cache poisoning via BIND, by predictable query IDs.
|
|||||
| CVE-2003-1104 | 1 Ibm | 1 Tivoli Firewall Toolbox | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in IBM Tivoli Firewall Toolbox (TFST) 1.2 allows remote attackers to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2005-1441 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Format string vulnerability in Lotus Domino 6.0.x before 6.0.5 and 6.5.x before 6.5.4 allows remote attackers to cause a denial of service via the Notes protocol (NRPC).
|
|||||
| CVE-2002-0370 | 5 Allume Systems Division, Ibm, Microsoft and 2 more | 7 Stuffit Expander, Lotus Notes, Windows 98 Plus Pack and 4 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.
|
|||||
| CVE-2002-1550 | 1 Ibm | 1 Aix | 2025-04-03 | 4.6 MEDIUM | N/A |
|
dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files.
|
|||||
| CVE-2004-1082 | 8 Apache, Apple, Avaya and 5 more | 14 Http Server, Apache Mod Digest Apple, Communication Manager and 11 more | 2025-04-03 | 7.5 HIGH | N/A |
|
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
|
|||||
| CVE-2002-0905 | 1 Ibm | 1 Informix | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in sqlexec for Informix SE-7.25 allows local users to gain root privileges via a long INFORMIXDIR environment variable.
|
|||||
| CVE-2005-0868 | 4 Bosanova, Ibm, Mochasoft and 1 more | 4 Launcher400, Client Access, Tn5250 and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
|
AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by STRPCCMD (Start PC command), as demonstrated by creating a backdoor account using REXEC.
|
|||||
| CVE-1999-0099 | 5 Bsdi, Convex, Cray and 2 more | 7 Bsd Os, Convexos, Spp-ux and 4 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in syslog utility allows local or remote attackers to gain root privileges.
|
|||||
| CVE-1999-0687 | 4 Cde, Digital, Ibm and 1 more | 5 Cde, Unix, Aix and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
|
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
|
|||||
| CVE-1999-0040 | 7 Bsdi, Freebsd, Hp and 4 more | 10 Bsd Os, Freebsd, Hp-ux and 7 more | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.
|
|||||
| CVE-2002-1621 | 1 Ibm | 1 Aix | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and 5.1 allows remote attackers to execute arbitrary code.
|
|||||
| CVE-2001-0051 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.5 HIGH | N/A |
|
IBM DB2 Universal Database version 6.1 creates an account with a default user name and password, which allows remote attackers to gain access to the database.
|
|||||
| CVE-2006-3862 | 1 Ibm | 1 Informix Dynamic Server | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable (envariable).
|
|||||
| CVE-1999-1013 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
|
named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group to overwrite system files to gain root access via the -f parameter and a malformed zone file.
|
|||||
| CVE-1999-0318 | 4 Hp, Ibm, Redhat and 1 more | 5 Hp-ux, Aix, Linux and 2 more | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.
|
|||||
| CVE-2002-1168 | 1 Ibm | 1 Websphere Caching Proxy Server | 2025-04-03 | 6.8 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP request that contains an Location: header with a "%0a%0d" (CRLF) sequence, which echoes the Location as an HTTP header in the server response.
|
|||||
| CVE-2006-4221 | 1 Ibm | 1 Egatherer | 2025-04-03 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the IBM Access Support eGatherer ActiveX control before 3.20.0284.0 allows remote attackers to execute arbitrary code via a long filename parameter to the RunEgatherer method.
|
|||||
| CVE-2003-0681 | 8 Apple, Gentoo, Hp and 5 more | 14 Mac Os X, Mac Os X Server, Linux and 11 more | 2025-04-03 | 7.5 HIGH | N/A |
|
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
|
|||||
| CVE-2004-1760 | 2 Cisco, Ibm | 17 Call Manager, Conference Connection, Emergency Responder and 14 more | 2025-04-03 | 10.0 HIGH | N/A |
|
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.
|
|||||
| CVE-2003-0836 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD command.
|
|||||
| CVE-2005-1405 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | 2.1 LOW | N/A |
|
HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications.
|
|||||
| CVE-2003-0758 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before Fixpak 10 allows local users to gain root privileges via a long command line argument.
|
|||||
| CVE-1999-0042 | 5 Bsdi, Caldera, Ibm and 2 more | 6 Bsd Os, Openlinux, Aix and 3 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in University of Washington's implementation of IMAP and POP servers.
|
|||||
| CVE-2001-1311 | 1 Ibm | 1 Lotus Domino R5 | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflows in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
|
|||||
| CVE-1999-0019 | 7 Data General, Ibm, Ncr and 4 more | 10 Dg Ux, Aix, Mp-ras and 7 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Delete or create a file via rpc.statd, due to invalid information.
|
|||||
| CVE-2005-3642 | 1 Ibm | 1 Informix Dynamic Database Server | 2025-04-03 | 7.5 HIGH | N/A |
|
IBM Informix Dynamic Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account by supplying an invalid username.
|
|||||
| CVE-2003-1049 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 4.6 MEDIUM | N/A |
|
IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files.
|
|||||
| CVE-2002-1012 | 1 Ibm | 1 Tivoli Management Framework | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.
|
|||||
| CVE-1999-1403 | 1 Ibm | 1 Tivoli Opc Tracker Agent | 2025-04-03 | 7.2 HIGH | N/A |
|
IBM/Tivoli OPC Tracker Agent version 2 release 1 creates files, directories, and IPC message queues with insecure permissions (world-readable and world-writable), which could allow local users to disrupt operations and possibly gain privileges by modifying or deleting files.
|
|||||
| CVE-2002-0742 | 1 Ibm | 1 Aix | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in pioout on AIX 4.3.3.
|
|||||