Filtered by vendor Ibm
Subscribe
Total
7009 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3475 | 1 Ibm | 3 Db2, Db2 Connect, Smart Analytics System 7600 | 2018-09-25 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 and DB2 Connect 9.1, 9.5, 9.7, 9.8, and 10.1, as used in Smart Analytics System 7600 and other products, allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2018-1529 | 1 Ibm | 2 Rational Doors Next Generation, Rational Requirements Composer | 2018-09-18 | 3.5 LOW | 5.4 MEDIUM |
| IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142291. | |||||
| CVE-2013-0522 | 1 Ibm | 1 Lotus Notes | 2018-09-17 | 1.9 LOW | 7.0 HIGH |
| The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ID: 82531. | |||||
| CVE-2013-0570 | 1 Ibm | 12 Flex System Fabric Cn4093, Flex System Fabric En4093, Flex System Si4093 and 9 more | 2018-09-10 | 2.9 LOW | 5.3 MEDIUM |
| The Fibre Channel over Ethernet (FCoE) feature in IBM System Networking and Blade Network Technology (BNT) switches running IBM Networking Operating System (aka NOS, formerly BLADE Operating System) floods data frames with unknown MAC addresses out on all interfaces on the same VLAN, which might allow remote attackers to obtain sensitive information in opportunistic circumstances by eavesdropping on the broadcast domain. IBM X-Force ID: 83166. | |||||
| CVE-2013-3017 | 1 Ibm | 1 Tivoli Application Dependency Discovery Manager | 2018-09-06 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Tivoli Application Dependency Discovery Manager (TADDM) before 7.2.1.5 and 7.2.x before 7.2.2 make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging support for weak SSL ciphers. IBM X-Force ID: 84353. | |||||
| CVE-2013-2951 | 1 Ibm | 1 Websphere Portal | 2018-09-06 | 2.1 LOW | 7.8 HIGH |
| IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information by reading the file. IBM X-Force ID: 83621. | |||||
| CVE-2013-0589 | 1 Ibm | 1 Inotes | 2018-09-04 | 5.0 MEDIUM | 7.5 HIGH |
| IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371. | |||||
| CVE-2013-0594 | 1 Ibm | 1 Inotes | 2018-09-04 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383. | |||||
| CVE-2013-0592 | 1 Ibm | 1 Inotes | 2018-09-04 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815. | |||||
| CVE-2013-2972 | 1 Ibm | 1 Websphere Cast Iron Cloud Integration | 2018-09-04 | 7.8 HIGH | 7.5 HIGH |
| IBM WebSphere Cast Iron 6.3 allows remote attackers to bypass intended access restrictions via unspecified vectors. IBM X-Force ID: 83868. | |||||
| CVE-2013-3000 | 1 Ibm | 1 Infosphere Data Replication Dashboard | 2018-08-29 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. IBM X-Force ID: 84116. | |||||
| CVE-2013-3001 | 1 Ibm | 1 Infosphere Data Replication Dashboard | 2018-08-29 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to read arbitrary files via unspecified vectors. IBM X-Force ID: 84127. | |||||
| CVE-2013-2999 | 1 Ibm | 1 Infosphere Data Replication Dashboard | 2018-08-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 84115. | |||||
| CVE-2017-1299 | 1 Ibm | 2 Rational Collaborative Lifecycle Management, Rational Quality Manager | 2018-08-27 | 3.5 LOW | 5.4 MEDIUM |
| IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125161. | |||||
| CVE-2018-1456 | 1 Ibm | 2 Rational Rhapsody Design Manager, Rational Software Architect Design Manager | 2018-07-24 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Rhapsody DM 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 140091. | |||||
| CVE-2013-0595 | 1 Ibm | 2 Lotus Domino, Lotus Inotes | 2018-07-12 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3. | |||||
| CVE-2017-1677 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2018-07-07 | 4.6 MEDIUM | 7.8 HIGH |
| IBM Data Server Driver for JDBC and SQLJ (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) deserializes the contents of /tmp/connlicj.bin which leads to object injection and potentially arbitrary code execution depending on the classpath. IBM X-Force ID: 133999. | |||||
| CVE-2013-3018 | 1 Ibm | 1 Tivoli Application Dependency Discovery Manager | 2018-06-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 allows remote attackers to obtain sensitive configuration information via a direct request, as demonstrated by happyaxis.jsp. IBM X-Force ID: 84354. | |||||
| CVE-2013-3023 | 1 Ibm | 1 Tivoli Application Dependency Discovery Manager | 2018-06-28 | 4.3 MEDIUM | 8.1 HIGH |
| IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might allow remote attackers to obtain sensitive information about Tomcat credentials by sniffing the network for a session in which HTTP is used. IBM X-Force ID: 84361. | |||||
| CVE-2017-1752 | 1 Ibm | 1 Urbancode Deploy | 2018-06-28 | 4.0 MEDIUM | 4.9 MEDIUM |
| IBM UrbanCode Deploy 6.1 and 6.2 could allow an authenticated privileged user to obtain highly sensitive information. IBM X-Force ID: 135547. | |||||