Filtered by vendor Ibm
Subscriptions
Total
7842 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-1384 | 1 Ibm | 2 Aix, Invscout.rte | 2025-04-11 | N/A |
| The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file. | ||||
| CVE-2012-5307 | 1 Ibm | 1 Lotus Notes Traveler | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in servlet/traveler in IBM Lotus Notes Traveler before 8.5.3.3 Interim Fix 1, when Firefox is used, allows remote attackers to inject arbitrary web script or HTML via the redirectURL parameter, a different vulnerability than CVE-2012-4824 and CVE-2012-4825. | ||||
| CVE-2011-1375 | 1 Ibm | 1 Aix | 2025-04-11 | N/A |
| IBM AIX 6.1 and 7.1 does not restrict the wpar_limits_config and wpar_limits_modify system calls, which allows local users to cause a denial of service (system crash) via a crafted call. | ||||
| CVE-2011-1373 | 1 Ibm | 1 Db2 | 2025-04-11 | N/A |
| Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the Self Tuning Memory Manager (STMM) feature and the AUTOMATIC DATABASE_MEMORY setting are configured, allows local users to cause a denial of service (daemon crash) via unknown vectors. | ||||
| CVE-2011-1372 | 1 Ibm | 4 Ts3100 Tape Library, Ts3100 Tape Library Firmware, Ts3200 Tape Library and 1 more | 2025-04-11 | N/A |
| The Web User Interface on the IBM TS3100 and TS3200 tape libraries with firmware before A.60 allows remote attackers to bypass authentication and obtain administrative access via unspecified vectors. | ||||
| CVE-2011-1371 | 1 Ibm | 1 Websphere Ilog Rule Team Server | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM WebSphere ILOG Rule Team Server 7.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger an Unknown Error document, a different vulnerability than CVE-2011-4171. | ||||
| CVE-2011-1370 | 1 Ibm | 1 Lotus Sametime | 2025-04-11 | N/A |
| The default configuration of the Sametime configuration servlet (SCS) in the server in IBM Lotus Sametime 7.0 through 8.5.2 does not enable an authentication requirement, which allows remote attackers to read the configuration settings by examining a response message. | ||||
| CVE-2011-1366 | 1 Ibm | 1 Rational Appscan | 2025-04-11 | N/A |
| Unspecified vulnerability in the Import feature in IBM Rational AppScan Enterprise and AppScan Reporting Console 5.2 through 7.9.x and 8.x before 8.0.1.1 allows remote attackers to execute arbitrary commands on an agent server via a crafted ZIP archive. | ||||
| CVE-2011-1362 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Installation Verification Test (IVT) application in the Install component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41 and 7.0 before 7.0.0.19 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1308. | ||||
| CVE-2011-1359 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| Directory traversal vulnerability in the administration console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41, 7.0 before 7.0.0.19, and 8.0 before 8.0.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2011-1356 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.19 allows local users to obtain sensitive stack-trace information via a crafted Administration Console request. | ||||
| CVE-2011-1343 | 1 Ibm | 1 Tivoli Netcool\/omnibus | 2025-04-11 | N/A |
| SQL injection vulnerability in the Web GUI in IBM Tivoli Netcool/OMNIbus before 7.3.0.4 allows remote attackers to execute arbitrary SQL commands via "dynamic SQL parameters." | ||||
| CVE-2011-1322 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| The SOAP with Attachments API for Java (SAAJ) implementation in the Web Services component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.37 and 7.x before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) via encrypted SOAP messages. | ||||
| CVE-2011-1318 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| Memory leak in org.apache.jasper.runtime.JspWriterImpl.response in the JavaServer Pages (JSP) component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) by accessing a JSP page of an application that is repeatedly stopped and restarted. | ||||
| CVE-2011-1316 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| The Session Initiation Protocol (SIP) Proxy in the HTTP Transport component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (worker thread exhaustion and UDP messaging outage) by sending many UDP messages. | ||||
| CVE-2011-1315 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| Memory leak in the messaging engine in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) via network connections associated with a NULL return value from a synchronous JMS receive call. | ||||
| CVE-2011-1314 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| The Service Integration Bus (SIB) messaging engine in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (daemon hang) by performing close operations via network connections to a queue manager. | ||||
| CVE-2012-2185 | 1 Ibm | 6 Change And Configuration Management Database, Maximo Asset Management, Maximo Service Desk and 3 more | 2025-04-11 | N/A |
| IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote authenticated users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2011-1313 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| Double free vulnerability in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15 allows remote backend IIOP servers to cause a denial of service (S0C4 ABEND and storage corruption) by rejecting IIOP requests at opportunistic time instants, as demonstrated by requests associated with an ORB_Request::getACRWorkElementPtr function call. | ||||
| CVE-2010-0927 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in help/readme.nsf/Header in the Help component in IBM Lotus Domino 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the BaseTarget parameter in an OpenPage action. NOTE: this may overlap CVE-2010-0920. | ||||