Filtered by vendor Ibm
Total: 8096 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2004-2697 | 1 Ibm | 1 Aix | 2025-04-03 | 6.9 MEDIUM | N/A | The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002. |
| CVE-1999-0118 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A | AIX infod allows local users to gain root access through an X display. |
| CVE-2001-1313 | 1 Ibm | 1 Lotus Domino R5 | 2025-04-03 | 7.5 HIGH | N/A | Lotus Domino R5 before R5.0.7a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via miscellaneous packets with semi-valid BER encodings, as demonstrated by the PROTOS LDAPv3 test suite. |
| CVE-1999-0023 | 6 Bsdi, Freebsd, Ibm and 3 more | 10 Bsd Os, Freebsd, Aix and 7 more | 2025-04-03 | 7.2 HIGH | N/A | Local user gains root privileges via buffer overflow in rdist, via lookup() function. |
| CVE-2001-0824 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 7.5 HIGH | N/A | Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javascript into an error page. |
| CVE-2006-0662 | 1 Ibm | 1 Lotus Domino Inotes Client | 2025-04-03 | 4.3 MEDIUM | N/A | Cross-site scripting (XSS) vulnerability in Lotus Domino iNotes Client 6.5.4 allows remote attackers to inject arbitrary web script or HTML via email with attached html files, which are directly rendered in the browser. |
| CVE-2002-1011 | 1 Ibm | 1 Tivoli Management Framework | 2025-04-03 | 7.5 HIGH | N/A | Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request. |
| CVE-1999-0094 | 1 Ibm | 1 Aix | 2025-04-03 | 4.6 MEDIUM | N/A | AIX piodmgrsu command allows local users to gain additional group privileges. |
| CVE-1999-0093 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A | AIX nslookup command allows local users to obtain root access by not dropping privileges correctly. |
| CVE-2006-3860 | 1 Ibm | 1 Informix Dynamic Database Server | 2025-04-03 | 7.5 HIGH | N/A | IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows remote authenticated users to execute arbitrary commands via the (1) "SET DEBUG FILE" SQL command, and the (2) start_onpload and (3) dbexp functions. |
| CVE-2006-2433 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 10.0 HIGH | N/A | Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and attack vectors related to the "administrative console". |
| CVE-1999-0022 | 6 Bsdi, Freebsd, Hp and 3 more | 7 Bsd Os, Freebsd, Hp-ux and 4 more | 2025-04-03 | 7.2 HIGH | 7.8 HIGH | Local user gains root privileges via buffer overflow in rdist, via expstr() function. |
| CVE-2005-1133 | 1 Ibm | 1 Iseries As 400 | 2025-04-03 | 5.0 MEDIUM | N/A | The POP3 server in IBM iSeries AS/400 returns different error messages when the user exists or not, which allows remote attackers to determine valid user IDs on the server. |
| CVE-2005-2712 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | 7.8 HIGH | N/A | The LDAP server (nldap.exe) in IBM Lotus Domino before 7.0.1, 6.5.5, and 6.5.4 FP2 allows remote attackers to cause a denial of service (crash) via a long bind request, which triggers a null dereference. |
| CVE-2004-0795 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 7.2 HIGH | N/A | DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe. |
| CVE-2005-4833 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 4.3 MEDIUM | N/A | IBM WebSphere Application Server (WAS) 6.0 before 20050201, when serving pages in an Application WAR or an Extended Document Root, allows remote attackers to obtain the JSP source code and other sensitive information via "a specific JSP URL," related to lack of normalization of the URL format. |
| CVE-1999-0014 | 3 Cde, Hp, Ibm | 4 Cde, Hp-ux, Vvos and 1 more | 2025-04-03 | 7.2 HIGH | N/A | Unauthorized privileged access or denial of service via dtappgather program in CDE. |
| CVE-2002-0677 | 7 Caldera, Compaq, Hp and 4 more | 9 Openunix, Unixware, Tru64 and 6 more | 2025-04-03 | 7.5 HIGH | N/A | CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. |
| CVE-2006-4683 | 1 Ibm | 1 Director | 2025-04-03 | 5.0 MEDIUM | N/A | IBM Director before 5.10 allows remote attackers to obtain sensitive information from HTTP headers via HTTP TRACE. |
| CVE-2003-0580 | 1 Ibm | 1 U2 Universe | 2025-04-03 | 7.2 HIGH | N/A | Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier allows the uvadm user to execute arbitrary code via a long -uv.install command line argument. |
| CVE-2006-0717 | 1 Ibm | 1 Tivoli Directory Server | 2025-04-03 | 5.0 MEDIUM | N/A | IBM Tivoli Directory Server 6.0 allows remote attackers to cause a denial of service (crash) via a crafted LDAP request, as demonstrated by test 2532 in the ProtoVer Sample LDAP test suite. |
| CVE-2001-1265 | 1 Ibm | 1 Alphaworks Tftp Server | 2025-04-03 | 7.5 HIGH | N/A | Directory traversal vulnerability in IBM alphaWorks Java TFTP server 1.21 allows remote attackers to conduct unauthorized operations on arbitrary files via a .. (dot dot) attack. |
| CVE-1999-0129 | 7 Bsdi, Eric Allman, Freebsd and 4 more | 9 Bsd Os, Sendmail, Freebsd and 6 more | 2025-04-03 | 4.6 MEDIUM | N/A | Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| CVE-2005-4738 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | 6.5 MEDIUM | N/A | IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges. |
| CVE-1999-1486 | 1 Ibm | 1 Aix | 2025-04-03 | 1.2 LOW | N/A | sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2005-2234 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A | Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments. |
| CVE-1999-0524 | 11 Apple, Cisco, Hp and 8 more | 14 Mac Os X, Macos, Ios and 11 more | 2025-04-03 | 2.1 LOW | N/A | ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
| CVE-2000-1215 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | 5.0 MEDIUM | N/A | The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information. |
| CVE-2000-0652 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 5.0 MEDIUM | N/A | IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string. |
| CVE-2001-1309 | 1 Ibm | 1 Secureway Directory | 2025-04-03 | 7.5 HIGH | N/A | Buffer overflows in IBM SecureWay 3.2.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. |
| CVE-1999-0033 | 5 Ibm, Ncr, Sco and 2 more | 7 Aix, Mp-ras, Open Desktop and 4 more | 2025-04-03 | 7.2 HIGH | N/A | Command execution in Sun systems via buffer overflow in the at program. |
| CVE-2002-0679 | 6 Caldera, Compaq, Hp and 3 more | 8 Openunix, Unixware, Tru64 and 5 more | 2025-04-03 | 10.0 HIGH | N/A | Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure. |
| CVE-2000-0441 | 1 Ibm | 1 Aix | 2025-04-03 | 5.0 MEDIUM | N/A | Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems. |
| CVE-2002-0746 | 1 Ibm | 1 Aix | 2025-04-03 | 10.0 HIGH | N/A | Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument. |
| CVE-2004-0493 | 5 Apache, Avaya, Gentoo and 2 more | 8 Http Server, Converged Communications Server, S8300 and 5 more | 2025-04-03 | 6.4 MEDIUM | N/A | The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters. |
| CVE-2005-0263 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A | Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument. |
| CVE-2001-1504 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | 7.5 HIGH | N/A | Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message. |
| CVE-2006-1619 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | 5.0 MEDIUM | N/A | IBM WebSphere Application Server 4.0.1 through 4.0.3 allows remote attackers to cause a denial of service (application crash) via an HTTP request with a large header. |
| CVE-2000-1119 | 1 Ibm | 1 Aix | 2025-04-03 | 4.6 MEDIUM | N/A | Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long "x=" argument. |
| CVE-2006-3861 | 1 Ibm | 1 Informix Dynamic Server | 2025-04-03 | 4.0 MEDIUM | N/A | IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 does not use database creation permissions, which allows remote authenticated users to create arbitrary databases. |