Filtered by vendor Ibm
Subscriptions
Total
8183 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0554 | 1 Ibm | 1 Informix Web Datablade | 2025-04-03 | N/A |
| webdriver in IBM Informix Web DataBlade 4.12 allows remote attackers to bypass user access levels or read arbitrary files via a SQL injection attack in an HTTP request. | ||||
| CVE-2002-0555 | 1 Ibm | 1 Informix Web Datablade | 2025-04-03 | N/A |
| IBM Informix Web DataBlade 4.12 unescapes user input even if an application has escaped it, which could allow remote attackers to execute SQL code in a web form even when the developer has attempted to escape it. | ||||
| CVE-2004-1621 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | N/A |
| NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote attackers to execute arbitrary web script or HTML via square brackets at the beginning and end of (1) computed for display, (2) computed when composed, or (3) computed text element fields. NOTE: the vendor has disputed this issue, saying that it is not a problem with Notes/Domino itself, but with the applications that do not properly handle this feature | ||||
| CVE-2004-2270 | 1 Ibm | 1 Parallel Environment | 2025-04-03 | N/A |
| Unknown vulnerability in IBM Parallel Environment (PE) 3.2 and 4.1 allows attackers to execute arbitrary commands as root via unknown vectors in the sample code. | ||||
| CVE-2003-0064 | 4 Hp, Ibm, Sgi and 1 more | 5 Hp-ux, Aix, Irix and 2 more | 2025-04-03 | N/A |
| The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
| CVE-2003-0180 | 1 Ibm | 1 Lotus Domino Web Server | 2025-04-03 | N/A |
| Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form. | ||||
| CVE-2004-2280 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | N/A |
| Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN. | ||||
| CVE-2004-2281 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | N/A |
| Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3. | ||||
| CVE-2002-0679 | 6 Caldera, Compaq, Hp and 3 more | 8 Openunix, Unixware, Tru64 and 5 more | 2025-04-03 | N/A |
| Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure. | ||||
| CVE-2006-3067 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | N/A |
| Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) "long column list" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of values in an IN clause, possibly related to a buffer overflow. | ||||
| CVE-2006-0717 | 1 Ibm | 1 Tivoli Directory Server | 2025-04-03 | N/A |
| IBM Tivoli Directory Server 6.0 allows remote attackers to cause a denial of service (crash) via a crafted LDAP request, as demonstrated by test 2532 in the ProtoVer Sample LDAP test suite. | ||||
| CVE-2003-0257 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Format string vulnerability in the printer capability for IBM AIX .3, 5.1, and 5.2 allows local users to gain printq or root privileges. | ||||
| CVE-2005-3643 | 1 Ibm | 1 Db2 Universal Database | 2025-04-03 | N/A |
| IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password. | ||||
| CVE-2005-2073 | 1 Ibm | 1 Db2 | 2025-04-03 | N/A |
| Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through 8.2.2 allows local users with SELECT privileges to conduct unauthorized activities and insert, update or delete table contents. | ||||
| CVE-2004-2369 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | N/A |
| Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. (dot dot) in the directory creation command. | ||||
| CVE-2002-2372 | 1 Ibm | 2 Infoprint, Infoprint 21 | 2025-04-03 | N/A |
| The telnet server in Infoprint 21 running controller software before 1.056007 allows remote attackers to cause a denial of service (crash) via a long username, possibly due to a buffer overflow. | ||||
| CVE-2004-2663 | 1 Ibm | 1 Egatherer | 2025-04-03 | N/A |
| The (1) SetDebugging and (2) RunEgatherer methods in IBM Access Support eGatherer ActiveX control 2.0.0.16 allow remote attackers to create files with arbitrary content, as demonstrated by creating a .hta file in a Startup folder. | ||||
| CVE-2004-2388 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user. | ||||
| CVE-2004-0480 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | N/A |
| Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe. | ||||
| CVE-2003-1050 | 1 Ibm | 1 Db2 | 2025-04-03 | N/A |
| Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via long command line arguments to (1) db2start, (2) db2stop, or (3) db2govd. | ||||