Filtered by vendor Ibm
Subscribe
Total
7009 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0786 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 5.0 MEDIUM | N/A |
| The Web Services Security component in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.13 does not properly implement the Java API for XML Web Services (aka JAX-WS), which allows remote attackers to cause a denial of service (data corruption) via a crafted JAX-WS request that leads to incorrectly encoded data. | |||||
| CVE-2010-0785 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 6.0 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.13 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2010-0784 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-0783 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-0782 | 1 Ibm | 1 Websphere Mq | 2017-08-17 | 4.3 MEDIUM | N/A |
| IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3 allows remote attackers to spoof X.509 certificate authentication, and send or receive channel messages, via a crafted Subject Distinguished Name (DN) value in a certificate. | |||||
| CVE-2010-0781 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.33 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted URL. | |||||
| CVE-2010-0780 | 1 Ibm | 1 Websphere Mq | 2017-08-17 | 4.3 MEDIUM | N/A |
| IBM WebSphere MQ 7.x before 7.0.1.4 allows remote attackers to cause a denial of service (disk consumption) via multiple connection attempts to a stopped queue manager. | |||||
| CVE-2010-0779 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0.33, and 7.0 before 7.0.0.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-0778 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.33 and 7.0 before 7.0.0.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-0777 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 2.6 LOW | N/A |
| The Web Container in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 does not properly handle long filenames and consequently sends an incorrect file in some responses, which allows remote attackers to obtain sensitive information by reading the retrieved file. | |||||
| CVE-2010-0776 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 5.0 MEDIUM | N/A |
| The Web Container in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 does not properly handle chunked transfer encoding during a call to response.sendRedirect, which allows remote attackers to cause a denial of service via a GET request. | |||||
| CVE-2010-0775 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a crafted request, related to the nodeagent and Deployment Manager components. | |||||
| CVE-2010-0774 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 4.3 MEDIUM | N/A |
| The (1) JAX-RPC WS-Security 1.0 and (2) JAX-WS runtime implementations in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 do not properly handle WebServices PKCS#7 and PKIPath tokens, which allows remote attackers to bypass intended access restrictions via unspecified vectors. | |||||
| CVE-2010-0772 | 1 Ibm | 1 Websphere Mq | 2017-08-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the channel process in IBM WebSphere MQ 7.0 before 7.0.1.2 allows remote authenticated users to cause a denial of service (daemon crash) via "incorrect channel control data." | |||||
| CVE-2010-0770 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 4.0 MEDIUM | N/A |
| IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 allows remote authenticated users to cause a denial of service (ORB ListenerThread hang) by aborting an SSL handshake. | |||||
| CVE-2010-0769 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 1.9 LOW | N/A |
| IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 does not properly define wsadmin scripting J2CConnectionFactory objects, which allows local users to discover a KeyRingPassword password by reading a cleartext field in the resources.xml file. | |||||
| CVE-2010-0768 | 1 Ibm | 1 Websphere Application Server | 2017-08-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 allows remote attackers to inject arbitrary web script or HTML via the URI. | |||||
| CVE-2010-0357 | 1 Ibm | 1 Lotus Web Content Management | 2017-08-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Login page in IBM Lotus Web Content Management (WCM) 6.0.1.4, 6.0.1.5, and 6.0.1.6 before iFix 32; and 6.1.0.1 and 6.1.0.2 before iFix 24; for WebSphere Portal allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | |||||
| CVE-2010-0311 | 2 Ibm, Sun | 4 Tivoli Access Manager For E-business, Java System Access Manager, Java System Identity Server and 1 more | 2017-08-17 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors. | |||||
| CVE-2010-0276 | 1 Ibm | 3 Domino Web Access, Lotus Domino, Lotus Inotes | 2017-08-17 | 10.0 HIGH | N/A |
| IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the "Try Lotus iNotes anyway" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU. | |||||