ReportizFlow
Filtered by vendor Ibm
Subscriptions
Total
8188 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1133 | 1 Ibm | 1 Iseries As 400 | 2025-04-03 | N/A |
| The POP3 server in IBM iSeries AS/400 returns different error messages when the user exists or not, which allows remote attackers to determine valid user IDs on the server. | ||||
| CVE-2005-1112 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | N/A |
| IBM WebSphere Application Server 6.0 and earlier, when sharing the document root of the web server, allows remote attackers to obtain the source code for Java Server Pages (.jsp) via an HTTP request with an invalid Host header, which causes the page to be processed by the web server instead of the JSP engine. | ||||
| CVE-2006-1384 | 1 Ibm | 1 Tivoli Business Systems Manager | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in apwc_win_main.jsp in the web console in IBM Tivoli Business Systems Manager (TBSM) before 3.1.0.1 allows remote attackers to inject arbitrary web script or HTML via the skin parameter. | ||||
| CVE-2005-1037 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges. | ||||
| CVE-2002-0677 | 7 Caldera, Compaq, Hp and 4 more | 9 Openunix, Unixware, Tru64 and 6 more | 2025-04-03 | N/A |
| CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. | ||||
| CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2025-04-03 | N/A |
| Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | ||||
| CVE-2000-0891 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | N/A |
| A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email. | ||||
| CVE-1999-0086 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| AIX routed allows remote users to modify sensitive files. | ||||
| CVE-2006-1093 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | N/A |
| Unspecified vulnerability in IBM WebSphere 5.0.2.10 through 5.0.2.15 and 5.1.1.4 through 5.1.1.9 allows remote attackers to obtain sensitive information via unknown attack vectors, which causes JSP source code to be revealed. | ||||
| CVE-1999-0115 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| AIX bugfiler program allows local users to gain root access. | ||||
| CVE-2006-4222 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | N/A |
| Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.0.2.13 have unspecified vectors and impact, including (1) an "authority problem" in ThreadIdentitySupport as identified by PK25199, and "Potential security exposure" issues as identified by (2) PK22747, (3) PK24334, (4) PK25740, and (5) PK26123. | ||||
| CVE-2001-1441 | 1 Ibm | 1 Visualage For Java | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 Professional allows remote attackers to execute JavaScript on other clients via the URL, which injects the script in the resulting error message. | ||||
| CVE-2004-2663 | 1 Ibm | 1 Egatherer | 2025-04-03 | N/A |
| The (1) SetDebugging and (2) RunEgatherer methods in IBM Access Support eGatherer ActiveX control 2.0.0.16 allow remote attackers to create files with arbitrary content, as demonstrated by creating a .hta file in a Startup folder. | ||||
| CVE-2001-1265 | 1 Ibm | 1 Alphaworks Tftp Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in IBM alphaWorks Java TFTP server 1.21 allows remote attackers to conduct unauthorized operations on arbitrary files via a .. (dot dot) attack. | ||||
| CVE-1999-1208 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Buffer overflow in ping in AIX 4.2 and earlier allows local users to gain root privileges via a long command line argument. | ||||
| CVE-2003-0578 | 1 Ibm | 1 U2 Universe | 2025-04-03 | 7.8 High |
| cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files. | ||||
| CVE-2003-0759 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | N/A |
| Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument. | ||||
| CVE-2001-0319 | 1 Ibm | 3 Net.commerce, Net.commerce Hosting Server, Websphere Commerce Suite | 2025-04-03 | N/A |
| orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to execute arbitrary SQL queries by inserting them into the order_rn option of the report capability. | ||||
| CVE-2006-4136 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | N/A |
| Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.1.0.1 have unspecified impact and attack vectors involving (1) "SOAP requests and responses", (2) mbean, (3) ThreadIdentitySupport, and possibly others. | ||||
| CVE-2003-0836 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | N/A |
| Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD command. | ||||