Export limit exceeded: 361866 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (8294 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-1847 | 1 Ibm | 1 Db2 | 2025-04-11 | N/A |
| IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-2607 | 1 Ibm | 1 Rational Team Concert | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert (RTC) 3.0 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Work Item 165513. | ||||
| CVE-2011-2759 | 1 Ibm | 1 Tivoli Directory Server | 2025-04-11 | N/A |
| The login page of IDSWebApp in the Web Administration Tool in IBM Tivoli Directory Server (TDS) 6.2 before 6.2.0.3-TIV-ITDS-IF0004 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. | ||||
| CVE-2011-2885 | 1 Ibm | 1 Lotus Symphony | 2025-04-11 | N/A |
| IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service (application crash) via the sample .doc document that incorporates a user-defined toolbar. | ||||
| CVE-2011-2887 | 2 Ibm, Linux | 2 Lotus Symphony, Linux Kernel | 2025-04-11 | N/A |
| IBM Lotus Symphony 3 before FP3 on Linux allows remote attackers to cause a denial of service (application crash) via a certain sample document. | ||||
| CVE-2011-2888 | 1 Ibm | 1 Lotus Symphony | 2025-04-11 | N/A |
| IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service (application hang) via complex graphics in a presentation. | ||||
| CVE-2011-2893 | 1 Ibm | 1 Lotus Symphony | 2025-04-11 | N/A |
| The DataPilot feature in IBM Lotus Symphony 3 before FP3 allows user-assisted remote attackers to cause a denial of service (application crash) via a large .xls spreadsheet with an invalid Value reference. | ||||
| CVE-2011-3124 | 2 Ibm, Linux | 3 Infosphere Datastage, Infosphere Information Server, Linux Kernel | 2025-04-11 | N/A |
| IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1 and other products, assigns incorrect ownership to unspecified files, which allows local users to gain privileges via unknown vectors. | ||||
| CVE-2011-3135 | 1 Ibm | 2 Tivoli Federated Identity Manager, Tivoli Federated Identity Manager Business Gateway | 2025-04-11 | N/A |
| Unspecified vulnerability in the Runtime in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.9 has unknown impact and attack vectors. | ||||
| CVE-2011-3391 | 1 Ibm | 1 Rational Build Forge | 2025-04-11 | N/A |
| IBM Rational Build Forge 7.1.2 relies on client-side JavaScript code to enforce the EditSecurity permission requirement for the Export Key File function, which allows remote authenticated users to read a key file by removing a disable attribute in the Security sub-menu. | ||||
| CVE-2011-3982 | 1 Ibm | 1 Aix | 2025-04-11 | N/A |
| The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service (system hang) via vectors that generate a large amount of DMA I/O, related to a deadlock in timer processing across CPUs. | ||||
| CVE-2011-4465 | 1 Ibm | 1 Lotus Mobile Connect | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Lotus Mobile Connect (LMC) 6.1.4 allows remote attackers to inject arbitrary web script or HTML via vectors related to a hidden redirect URL. | ||||
| CVE-2012-0189 | 1 Ibm | 1 Spss Samplepower | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in the (1) PrintFile and (2) SaveDoc methods in the VsVIEW6 ActiveX control in VsVIEW6.ocx in IBM SPSS SamplePower 3.0 allow remote attackers to execute arbitrary code via a crafted HTML document. | ||||
| CVE-2012-0190 | 1 Ibm | 2 Spss Data Collection, Spss Dimensions | 2025-04-11 | N/A |
| Unspecified vulnerability in the Render method in the ExportHTML.ocx ActiveX control in ExportHTML.dll in IBM SPSS Dimensions 5.5 and SPSS Data Collection 5.6, 6.0, and 6.0.1 allows remote attackers to execute arbitrary code via a crafted HTML document. | ||||
| CVE-2012-0193 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.43, 6.1 before 6.1.0.43, 7.0 before 7.0.0.23, and 8.0 before 8.0.0.3 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. | ||||
| CVE-2010-4594 | 1 Ibm | 1 Lotus Mobile Connect | 2025-04-11 | N/A |
| The Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly process TCP connection requests, which allows remote attackers to cause a denial of service (memory consumption and HTTP-AS hang) by making many connection requests that trigger "queue size delta errors," related to a "timing hole" issue. | ||||
| CVE-2010-4601 | 1 Ibm | 1 Rational Clearquest | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 allow attackers to have an unknown impact via vectors related to third-party .ocx files. | ||||
| CVE-2010-4602 | 1 Ibm | 1 Rational Clearquest | 2025-04-11 | N/A |
| The Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1 allows remote authenticated users to bypass "restricted user" limitations, and read arbitrary records, via a modified record number in the URL for a RECORD action, as demonstrated by a modified bookmark. | ||||
| CVE-2010-4622 | 1 Ibm | 2 Aix, Tivoli Access Manager For E-business | 2025-04-11 | N/A |
| Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI. | ||||
| CVE-2010-4773 | 4 Hitachi, Ibm, Linux and 1 more | 6 Eur Form Client, Eur Form Service, Ucosminexus Eur Form Service and 3 more | 2025-04-11 | N/A |
| Unspecified vulnerability in Hitachi EUR Form Client before 05-10 -/D 2010.11.15 and 05-10-CA (* 2) 2010.11.15; Hitachi EUR Form Service before 05-10 -/D 2010.11.15; and uCosminexus EUR Form Service before 07-60 -/D 2010.11.15 on Windows, before 05-10 -/D 2010.11.15 and 07-50 -/D 2010.11.15 on Linux, and before 07-50 -/C 2010.11.15 on AIX; allows remote attackers to execute arbitrary code via unknown attack vectors. | ||||