Filtered by vendor Ibm
Subscribe
Total
8096 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0466 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
|
AIX cdmount allows local users to gain root privileges via shell metacharacters.
|
|||||
| CVE-2004-0492 | 5 Apache, Hp, Ibm and 2 more | 7 Http Server, Virtualvault, Vvos and 4 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
|
|||||
| CVE-2005-4834 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
IBM WebSphere Application Server (WAS) 5.0.2.5 through 5.1.1.3 allows remote attackers to obtain JSP source code and other sensitive information, related to incorrect request processing by the web container.
|
|||||
| CVE-2005-1176 | 1 Ibm | 1 Aix | 2025-04-03 | 1.2 LOW | N/A |
|
Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while I/O is still occurring for that file, may write data to a different file, which could leak sensitive information.
|
|||||
| CVE-1999-0513 | 7 Digital, Freebsd, Hp and 4 more | 8 Unix, Freebsd, Hp-ux and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
|
|||||
| CVE-2000-0249 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
|
The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program.
|
|||||
| CVE-2006-3778 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | 5.0 MEDIUM | N/A |
|
IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to e-mail messages with alternate name users when the (1) "Save As Draft" option is used or (2) a "," (comma) is inside the "phrase" portion of an address, which can cause the e-mail to be sent to users that were deleted from the To, CC, and BCC fields, which allows remote attackers to obtain the list of original recipients.
|
|||||
| CVE-1999-0789 | 1 Ibm | 1 Aix | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in AIX ftpd in the libc library.
|
|||||
| CVE-2004-2311 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | 3.6 LOW | N/A |
|
Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows local users to create folders or determine the existence of files via a .. (dot dot) in the new folder dialog.
|
|||||
| CVE-1999-0852 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 7.2 HIGH | N/A |
|
IBM WebSphere sets permissions that allow a local user to modify a deinstallation script or its data files stored in /usr/bin.
|
|||||
| CVE-2000-0027 | 1 Ibm | 1 Network Station Manager | 2025-04-03 | 6.2 MEDIUM | N/A |
|
IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack.
|
|||||
| CVE-2006-4681 | 1 Ibm | 1 Director | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in Redirect.bat in IBM Director before 5.10 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the file parameter.
|
|||||
| CVE-2001-1061 | 1 Ibm | 1 Aix | 2025-04-03 | 10.0 HIGH | N/A |
|
Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error.
|
|||||
| CVE-2005-4272 | 1 Ibm | 1 Aix | 2025-04-03 | 10.0 HIGH | N/A |
|
Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal.
|
|||||
| CVE-2006-2647 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
|
Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands.
|
|||||
| CVE-2006-4682 | 1 Ibm | 1 Director | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in IBM Director before 5.10 allow remote attackers to cause a denial of service (crash) via unspecified vectors involving (1) malformed WMI CIM server requests and (2) malformed packets.
|
|||||
| CVE-2006-3068 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 5.0 MEDIUM | N/A |
|
IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote attackers to cause a denial of service (application crash) by sending "incorrect information ... regarding the package name/creator," which leads to a "memory overwrite."
|
|||||
| CVE-2004-0669 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | 7.5 HIGH | N/A |
|
Lotus Domino 6.5.0 and 6.5.1, with IMAP enabled, allows remote authenticated users to change their quota by using the IMAP setquota command.
|
|||||
| CVE-1999-0627 | 1 Ibm | 1 Aix | 2025-04-03 | N/A | N/A |
|
The rexd service is running, which uses weak authentication that can allow an attacker to execute commands.
|
|||||
| CVE-2005-3015 | 1 Ibm | 2 Lotus Domino, Lotus Domino Enterprise Server | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) BaseTarget or (2) Src parameters.
|
|||||
| CVE-2006-3232 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in IBM WebSphere Application Server before 6.0.2.11 has unknown impact and attack vectors because the "UserNameToken cache was improperly used."
|
|||||
| CVE-2006-2432 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 7.5 HIGH | N/A |
|
IBM WebSphere Application Server 5.0.2 (or any earlier cumulative fix) and 5.1.1 (or any earlier cumulative fix) allows EJB access on Solaris systems via a crafted LTPA token.
|
|||||
| CVE-2006-2431 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in the 500 Internal Server Error page on the SOAP port (8880/tcp) in IBM WebSphere Application Server 5.0.2 and earlier, 5.1.x before 5.1.1.12, and 6.0.2 up to 6.0.2.7, allows remote attackers to inject arbitrary web script or HTML via the URI, which is contained in a FAULTACTOR element on this page. NOTE: some sources have reported the element as "faultfactor," but this is likely erroneous.
|
|||||
| CVE-2005-3760 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 7.8 HIGH | N/A |
|
Double free vulnerability in the BBOORB module in IBM WebSphere Application Server for z/OS 5.0 allows attackers to cause a denial of service (ABEND).
|
|||||
| CVE-2006-1246 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 allows local users to execute arbitrary commands when mklvcopy calls external commands, possibly due to an untrusted search path vulnerability.
|
|||||
| CVE-2000-1117 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method.
|
|||||
| CVE-2003-0954 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges.
|
|||||
| CVE-2002-0086 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux allows local users to gain root privileges via a long (1) Notes_ExecDirectory or (2) PATH environment variable.
|
|||||
| CVE-2000-1222 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
|
AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.
|
|||||
| CVE-2006-4223 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
IBM WebSphere Application Server (WAS) before 6.0.2.13 allows context-dependent attackers to obtain sensitive information via unspecified vectors related to "JSP source code exposure" (PK23475), which occurs when ibm-web-ext.xmi sets fileServingEnabled to true or ExtendedDocumentRoot is used to place a JSP outside a WAR.file; (3) the First Failure Data Capture (ffdc) log file (PK24834); and (4) traces (PK25568), a different issue than CVE-2006-4137.
|
|||||
| CVE-1999-0078 | 10 Bsdi, Freebsd, Hp and 7 more | 11 Bsd Os, Freebsd, Hp-ux and 8 more | 2025-04-03 | 1.9 LOW | N/A |
|
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
|
|||||
| CVE-2005-2073 | 1 Ibm | 1 Db2 | 2025-04-03 | 2.1 LOW | N/A |
|
Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through 8.2.2 allows local users with SELECT privileges to conduct unauthorized activities and insert, update or delete table contents.
|
|||||
| CVE-2003-0285 | 1 Ibm | 1 Aix | 2025-04-03 | 5.0 MEDIUM | N/A |
|
IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail.
|
|||||
| CVE-2006-3857 | 1 Ibm | 1 Informix Dynamic Database Server | 2025-04-03 | 6.5 MEDIUM | N/A |
|
Multiple buffer overflows in IBM Informix Dynamic Server (IDS) before 9.40.TC6 and 10.00 before 10.00.TC3 allow remote authenticated users to execute arbitrary code via (1) the getname function, as used by (a) _sq_remview, (b) _sq_remproc, (c) _sq_remperms, (d) _sq_distfetch, and (e) _sq_dcatalog; and the (2) SET DEBUG FILE, (3) IFX_FILE_TO_FILE, (4) FILETOCLOB, (5) LOTOFILE, and (6) DBINFO functions (product defect IDs 171649, 171367, 171387, 171391, 171906, 172179).
|
|||||
| CVE-2006-3066 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a connection.
|
|||||
| CVE-1999-0087 | 1 Ibm | 1 Aix | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Denial of service in AIX telnet can freeze a system and prevent users from accessing the server.
|
|||||
| CVE-2001-1096 | 1 Ibm | 1 Aix | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a core dump and possibly execute code.
|
|||||
| CVE-1999-1531 | 1 Ibm | 1 Homepageprint | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag.
|
|||||
| CVE-2001-1557 | 1 Ibm | 1 Aix | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gain privileges.
|
|||||
| CVE-2004-1372 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.2 HIGH | N/A |
|
Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure.
|
|||||