Filtered by vendor Ibm
Subscriptions
Total
7841 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-4826 | 1 Ibm | 1 Db2 | 2025-04-11 | N/A |
| Stack-based buffer overflow in the SQL/PSM (aka SQL Persistent Stored Module) Stored Procedure (SP) infrastructure in IBM DB2 9.1, 9.5, 9.7 before FP7, 9.8, and 10.1 might allow remote authenticated users to execute arbitrary code by debugging a stored procedure. | ||||
| CVE-2012-4825 | 1 Ibm | 1 Lotus Notes Traveler | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in servlet/traveler/ILNT.mobileconfig in IBM Lotus Notes Traveler before 8.5.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) userId or (2) address parameter in a getClientConfigFile action. | ||||
| CVE-2012-4824 | 1 Ibm | 1 Lotus Notes Traveler | 2025-04-11 | N/A |
| Open redirect vulnerability in servlet/traveler in IBM Lotus Notes Traveler 8.5.3 before 8.5.3.3 Interim Fix 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirectURL parameter. | ||||
| CVE-2012-4841 | 1 Ibm | 1 Tivoli Endpoint Manager | 2025-04-11 | N/A |
| Unspecified vulnerability in Tivoli Endpoint Manager for Remote Control Broker 8.2 before 8.2.1-TIV-TEMRC821-IF0002 allows remote attackers to cause a denial of service (resource consumption) via unknown vectors. | ||||
| CVE-2012-3330 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| The proxy server in IBM WebSphere Application Server 7.0 before 7.0.0.27, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1, and WebSphere Virtual Enterprise, allows remote attackers to cause a denial of service (daemon outage) via a crafted request. | ||||
| CVE-2012-3323 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | N/A |
| IBM Maximo Asset Management 6.2 before 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.3 allows remote attackers to gain privileges via unspecified vectors. | ||||
| CVE-2012-3322 | 1 Ibm | 7 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 4 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2, and SmartCloud Control Desk 7.5 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to a display name. | ||||
| CVE-2012-3321 | 1 Ibm | 1 Smartcloud Control Desk | 2025-04-11 | N/A |
| IBM SmartCloud Control Desk 7.5 allows remote authenticated users to bypass intended access restrictions via vectors involving an expired password. | ||||
| CVE-2012-3312 | 1 Ibm | 1 Infosphere Guardium | 2025-04-11 | N/A |
| The datasource definition editor in IBM InfoSphere Guardium 8.2 and earlier, when the save-password setting is enabled, transmits cleartext database credentials, which allows remote attackers to obtain sensitive information by sniffing the network. | ||||
| CVE-2012-3311 | 1 Ibm | 2 Websphere Application Server, Z\/os | 2025-04-11 | N/A |
| IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 on z/OS, in certain configurations involving Federated Repositories for IIOP connections and Optimized Local Adapters, does not perform CBIND checks, which allows local users to bypass intended access restrictions, and read or modify application data, via unspecified vectors. | ||||
| CVE-2012-3302 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Domino 7.x and 8.x before 8.5.4 allow remote attackers to inject arbitrary web script or HTML via (1) a URL accessed during use of the Mail template in the WebMail UI or (2) a URL accessed during use of Domino Help through the Domino HTTP server. | ||||
| CVE-2012-3300 | 1 Ibm | 1 Websphere Commerce | 2025-04-11 | N/A |
| IBM WebSphere Commerce 7.0 before 7.0.0.6, when persistent sessions and personalization IDs are enabled, allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors. | ||||
| CVE-2012-3298 | 1 Ibm | 1 Websphere Commerce | 2025-04-11 | N/A |
| Unspecified vulnerability in the REST services framework in IBM WebSphere Commerce 7.0 Feature Pack 4 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors. | ||||
| CVE-2012-3297 | 1 Ibm | 1 Tivoli Monitoring | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the embedded HTTP server in the Service Console in IBM Tivoli Monitoring 6.2.2 before 6.2.2-TIV-ITM-FP0009 and 6.3.2 before 6.2.3-TIV-ITM-FP0001 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. | ||||
| CVE-2012-3304 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| The Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hijack sessions via unspecified vectors. | ||||
| CVE-2012-5954 | 1 Ibm | 1 Tivoli Storage Manager For Space Management | 2025-04-11 | N/A |
| Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows remote attackers to read or modify HSM-managed file system objects via unknown vectors. | ||||
| CVE-2012-5946 | 1 Ibm | 1 Spss Samplepower | 2025-04-11 | N/A |
| Buffer overflow in the c1sizer ActiveX control in C1sizer.ocx in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via a long TabCaption string. | ||||
| CVE-2013-3045 | 1 Ibm | 1 Lotus Sametime | 2025-04-11 | N/A |
| The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to share crafted links via the Library function. | ||||
| CVE-2012-2199 | 2 Ibm, Oracle | 2 Websphere Mq, Solaris | 2025-04-11 | N/A |
| The server message channel agent in the queue manager in the server in IBM WebSphere MQ 7.0.1 before 7.0.1.9, 7.1, and 7.5 on Solaris allows remote attackers to cause a denial of service (invalid address alignment exception and daemon crash) via vectors involving a multiplexed channel. | ||||
| CVE-2013-3043 | 1 Ibm | 2 Rational Software Architect Design Manager, Rhapsody Design Manager | 2025-04-11 | N/A |
| Directory traversal vulnerability in the client in IBM Rational Software Architect Design Manager and Rhapsody Design Manager 3.x and 4.x before 4.0.5 allows local users to read arbitrary files via vectors involving temporary files. | ||||