Filtered by vendor Ibm
Subscriptions
Total
7585 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-3000 | 1 Ibm | 1 Infosphere Data Replication Dashboard | 2024-11-21 | N/A |
| SQL injection vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. IBM X-Force ID: 84116. | ||||
| CVE-2013-2999 | 1 Ibm | 1 Infosphere Data Replication Dashboard | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 84115. | ||||
| CVE-2013-2972 | 1 Ibm | 1 Websphere Cast Iron Cloud Integration | 2024-11-21 | N/A |
| IBM WebSphere Cast Iron 6.3 allows remote attackers to bypass intended access restrictions via unspecified vectors. IBM X-Force ID: 83868. | ||||
| CVE-2013-2951 | 1 Ibm | 1 Websphere Portal | 2024-11-21 | N/A |
| IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information by reading the file. IBM X-Force ID: 83621. | ||||
| CVE-2013-0594 | 1 Ibm | 1 Inotes | 2024-11-21 | N/A |
| Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383. | ||||
| CVE-2013-0592 | 1 Ibm | 1 Inotes | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815. | ||||
| CVE-2013-0589 | 1 Ibm | 1 Inotes | 2024-11-21 | N/A |
| IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371. | ||||
| CVE-2013-0570 | 1 Ibm | 12 Flex System Fabric Cn4093, Flex System Fabric En4093, Flex System Si4093 and 9 more | 2024-11-21 | N/A |
| The Fibre Channel over Ethernet (FCoE) feature in IBM System Networking and Blade Network Technology (BNT) switches running IBM Networking Operating System (aka NOS, formerly BLADE Operating System) floods data frames with unknown MAC addresses out on all interfaces on the same VLAN, which might allow remote attackers to obtain sensitive information in opportunistic circumstances by eavesdropping on the broadcast domain. IBM X-Force ID: 83166. | ||||
| CVE-2013-0522 | 1 Ibm | 1 Lotus Notes | 2024-11-21 | N/A |
| The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ID: 82531. | ||||
| CVE-2013-0517 | 1 Ibm | 1 Sterling External Authentication Server | 2024-11-21 | 7.8 High |
| A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1 via an unspecified OS command, which could let a local malicious user execute arbitrary code. | ||||
| CVE-2013-0507 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 8.1 High |
| IBM InfoSphere Information Server 8.1, 8.5, 8.7, 9.1 has a Session Fixation Vulnerability | ||||
| CVE-2012-6277 | 3 Hp, Ibm, Symantec | 7 Autonomy Keyview Idol, Domino, Notes and 4 more | 2024-11-21 | 7.8 High |
| Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of underlying issues" in which "some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code." | ||||
| CVE-2012-4863 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | 6.5 Medium |
| IBM WebSphere MQ 7.1 and 7.5: Queue manager has a DoS vulnerability | ||||
| CVE-2012-4818 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 6.5 Medium |
| IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remote authenticated attacker to obtain sensitive information, caused by improper restrictions on directories. An attacker could exploit this vulnerability via the DataStage application to load or import content functionality to view arbitrary files on the system. | ||||
| CVE-2012-3341 | 1 Ibm | 1 Infosphere Guardium | 2024-11-21 | 5.4 Medium |
| IBM InfoSphere Guardium 7.0, 8.0, 8.01, and 8.2 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM X-Force ID: 78294. | ||||
| CVE-2012-3340 | 1 Ibm | 1 Infosphere Guardium | 2024-11-21 | 4.3 Medium |
| IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to XML external entity injection, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 78291. | ||||
| CVE-2012-3338 | 1 Ibm | 1 Infosphere Guardium | 2024-11-21 | 5.3 Medium |
| IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to bypass security restrictions, caused by improper restrictions on the create new user account functionality. An attacker could exploit this vulnerability to create unprivileged user accounts. IBM X-Force ID: 78286. | ||||
| CVE-2012-3337 | 1 Ibm | 1 Infosphere Guardium | 2024-11-21 | 5.3 Medium |
| IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to download arbitrary files on the system. IBM X-Force ID: 78284. | ||||
| CVE-2012-3336 | 2 Ibm, Linux | 2 Infosphere Guardium, Linux Kernel | 2024-11-21 | 8.8 High |
| IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to multiple scripts, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 78282. | ||||
| CVE-2012-3331 | 1 Ibm | 1 Sametime | 2024-11-21 | N/A |
| IBM Sametime allows remote attackers to obtain sensitive information from the Sametime Log database via a direct request to STLOG.NSF. IBM X-Force ID: 78048. | ||||