Vulnerabilities (CVE)

Filtered by vendor Ibm
Total 6971 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-4271 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Buffer overflow in the malloc debug system in IBM AIX 5.3 allows local users to execute arbitrary code.
CVE-2005-0263 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument.
CVE-2005-0250 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via format string specifiers in a command line argument.
CVE-2006-4763 1 Ibm 1 Lotus Domino Web Access 2023-12-10 7.5 HIGH N/A
IBM Lotus Domino Web Access (DWA) 7.0.1 does not expire a client's Lightweight Third-Party Authentication token (LtpaToken) upon logout, which allows remote attackers to obtain a user's privileges by intercepting the LtpaToken cookie.
CVE-2006-2647 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands.
CVE-2005-4869 1 Ibm 1 Db2 2023-12-10 2.1 LOW N/A
The (1) to_char and (2) to_date functions in IBM DB2 8.1 allow local users to cause a denial of service (application crash) via an empty string in the second parameter, which causes a null pointer dereference.
CVE-2005-0156 7 Ibm, Larry Wall, Redhat and 4 more 9 Aix, Perl, Enterprise Linux and 6 more 2023-12-10 2.1 LOW N/A
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
CVE-2005-4740 1 Ibm 1 Db2 Universal Database 2023-12-10 4.0 MEDIUM N/A
IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by "connecting from a downlevel client."
CVE-2005-1182 1 Ibm 1 Os 400 2023-12-10 5.0 MEDIUM N/A
Unknown vulnerability in Incoming Remote Command (iSeries Access for Windows Remote Command service) in IBM OS/400 R510, R520, and R530 allows attackers to cause a denial of service (IRC shutdown) via certain inputs.
CVE-2005-1176 1 Ibm 1 Aix 2023-12-10 1.2 LOW N/A
Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while I/O is still occurring for that file, may write data to a different file, which could leak sensitive information.
CVE-2006-0666 1 Ibm 1 Aix 2023-12-10 4.9 MEDIUM N/A
Unspecified vulnerability in the (1) unix_mp and (2) unix_64 kernels in IBM AIX 5.3 VRMF 5.3.0.30 through 5.3.0.33 allows local users to cause a denial of service (system crash) via unknown vectors related to EMULATE_VMX.
CVE-2006-4522 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Unspecified vulnerability in dtterm in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code with root privileges via unspecified vectors.
CVE-2004-2369 1 Ibm 1 Lotus Domino 2023-12-10 6.4 MEDIUM N/A
Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. (dot dot) in the directory creation command.
CVE-2006-0663 1 Ibm 1 Lotus Domino Inotes Client 2023-12-10 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Lotus Domino iNotes Client 6.5.4 and 7.0 allow remote attackers to inject arbitrary web script or HTML via (1) an email subject; (2) an encoded javascript URI, as demonstrated using "java script:"; or (3) when the Domino Web Access ActiveX control is not installed, via an email attachment filename.
CVE-2006-2432 1 Ibm 1 Websphere Application Server 2023-12-10 7.5 HIGH N/A
IBM WebSphere Application Server 5.0.2 (or any earlier cumulative fix) and 5.1.1 (or any earlier cumulative fix) allows EJB access on Solaris systems via a crafted LTPA token.
CVE-2006-2430 1 Ibm 1 Websphere Application Server 2023-12-10 10.0 HIGH N/A
IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log, which allows attackers to gain privileges.
CVE-2005-2235 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments.
CVE-2006-3067 1 Ibm 1 Db2 Universal Database 2023-12-10 5.0 MEDIUM N/A
Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) "long column list" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of values in an IN clause, possibly related to a buffer overflow.
CVE-2006-3862 1 Ibm 1 Informix Dynamic Server 2023-12-10 7.5 HIGH N/A
Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable (envariable).
CVE-2005-0240 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Format string vulnerability in chdev on IBM AIX 5.2 allows local users to execute arbitrary code via format string specifiers in a command line argument, which is not properly handled when printing an error message.