Filtered by vendor Ibm
Subscriptions
Total
7722 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-8972 | 1 Ibm | 2 Aix, Vios | 2025-04-20 | N/A |
IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011. | ||||
CVE-2016-8973 | 1 Ibm | 1 Rational Rhapsody Design Manager | 2025-04-20 | N/A |
IBM Rhapsody DM 4.0, 5.0 and 6.0 contains an undisclosed vulnerability that may allow an authenticated user to upload infected malicious files to the server. IBM Reference #: 1999960. | ||||
CVE-2016-8981 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2025-04-20 | N/A |
IBM BigFix Inventory v9 allows web pages to be stored locally which can be read by another user on the system. | ||||
CVE-2016-8987 | 1 Ibm | 1 Maximo Asset Management | 2025-04-20 | N/A |
IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow an authenticated user to view incorrect item sets that they should not have access to view. | ||||
CVE-2016-9738 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2025-04-20 | N/A |
IBM QRadar 7.2 and 7.3 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 119783. | ||||
CVE-2016-8963 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2025-04-20 | N/A |
IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user. | ||||
CVE-2016-8962 | 1 Ibm | 1 Bigfix Inventory | 2025-04-20 | N/A |
IBM BigFix Inventory 9.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 118851. | ||||
CVE-2016-8967 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Bigfix Inventory and 4 more | 2025-04-20 | N/A |
IBM BigFix Inventory v9 9.2 stores user credentials in plain in clear text which can be read by a local user. | ||||
CVE-2016-8954 | 1 Ibm | 1 Dashdb Local | 2025-04-20 | N/A |
IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database. | ||||
CVE-2016-8948 | 1 Ibm | 1 Emptoris Sourcing | 2025-04-20 | N/A |
IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 118835. | ||||
CVE-2016-8960 | 1 Ibm | 1 Cognos Business Intelligence | 2025-04-20 | N/A |
IBM Cognos Business Intelligence 10.2 could allow a user with lower privilege Capabilities to adopt the Capabilities of a higher-privilege user by intercepting the higher-privilege user's cookie value from its HTTP request and then reusing it in subsequent requests. IBM Reference #: 1993718. | ||||
CVE-2016-8968 | 1 Ibm | 1 Rational Collaborative Lifecycle Management | 2025-04-20 | N/A |
IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998515. | ||||
CVE-2017-1613 | 1 Ibm | 1 Connections | 2025-04-20 | N/A |
IBM Connections 6.0 could allow an unauthenticated remote attacker to gain unauthenticated or unauthorized access to non-sensitive Engagement Center template data. IBM X-Force ID: 132954. | ||||
CVE-2017-1607 | 1 Ibm | 1 Rational Doors Next Generation | 2025-04-20 | N/A |
IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132927. | ||||
CVE-2016-8941 | 1 Ibm | 2 Spectrum Control, Tivoli Storage Productivity Center | 2025-04-20 | N/A |
IBM Tivoli Storage Productivity Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | ||||
CVE-2017-1631 | 1 Ibm | 1 Jazz For Service Management | 2025-04-20 | N/A |
IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 133140. | ||||
CVE-2017-1628 | 1 Ibm | 1 Business Process Manager | 2025-04-20 | N/A |
IBM Business Process Manager 8.6.0.0 allows authenticated users to stop and resume the Event Manager by calling a REST API with incorrect authorization checks. | ||||
CVE-2016-8940 | 1 Ibm | 1 Tivoli Storage Manager | 2025-04-20 | N/A |
IBM Tivoli Storage Manager (IBM Spectrum Protect) 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. As a result, an attacker is able to submit SQL queries that access database tables that are not intended for access or use by administrators. The access of these product specific database tables may allow access to passwords or other sensitive information for the product. IBM Reference #: 1998946. | ||||
CVE-2016-8944 | 1 Ibm | 1 Aix | 2025-04-20 | N/A |
IBM AIX 7.1 and 7.2 allows a local user to open a file with a specially crafted argument that would crash the system. IBM APARs: IV91488, IV91487, IV91456, IV90234. | ||||
CVE-2016-8971 | 1 Ibm | 1 Websphere Mq | 2025-04-20 | N/A |
IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IBM Reference #: 1998663. |