Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Total 6982 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-1999-1075 1 Ibm 1 Aix 2023-12-10 5.0 MEDIUM N/A
inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1, which are not properly closed by inetd.
CVE-1999-0014 3 Cde, Hp, Ibm 4 Cde, Hp-ux, Vvos and 1 more 2023-12-10 7.2 HIGH N/A
Unauthorized privileged access or denial of service via dtappgather program in CDE.
CVE-2002-0743 1 Ibm 1 Aix 2023-12-10 10.0 HIGH N/A
mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow.
CVE-1999-0048 3 Debian, Ibm, Nec 5 Netkit, Aix, Asl Ux 4800 and 2 more 2023-12-10 10.0 HIGH N/A
Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.
CVE-1999-0118 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
AIX infod allows local users to gain root access through an X display.
CVE-1999-0138 7 Apple, Digital, Freebsd and 4 more 9 A Ux, Osf 1, Freebsd and 6 more 2023-12-10 7.2 HIGH N/A
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.
CVE-1999-0835 3 Ibm, Sco, Sun 4 Aix, Openserver, Unixware and 1 more 2023-12-10 10.0 HIGH N/A
Denial of service in BIND named via malformed SIG records.
CVE-2002-1040 1 Ibm 1 Aix 2023-12-10 5.0 MEDIUM N/A
Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames.
CVE-2002-1201 1 Ibm 1 Aix 2023-12-10 5.0 MEDIUM N/A
IBM AIX 4.3.3 and AIX 5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a flood of malformed TCP packets without any flags set, which prevents AIX from releasing the associated memory buffers.
CVE-2000-0761 1 Ibm 1 Os2 Ftp Server 2023-12-10 5.0 MEDIUM N/A
OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of service via a long username.
CVE-1999-0003 5 Hp, Ibm, Sgi and 2 more 6 Hp-ux, Aix, Irix and 3 more 2023-12-10 10.0 HIGH N/A
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).
CVE-2002-0037 1 Ibm 1 Lotus Domino Server 2023-12-10 7.5 HIGH N/A
Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document's object via a Notes API call (NSFDbReadObject) that directly accesses the object.
CVE-1999-0112 2 Cde, Ibm 2 Cde, Aix 2023-12-10 7.2 HIGH N/A
Buffer overflow in AIX dtterm program for the CDE.
CVE-1999-0693 3 Hp, Ibm, Sco 3 Hp-ux, Aix, Unixware 2023-12-10 7.2 HIGH N/A
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
CVE-2000-1038 1 Ibm 1 As400 Firewall 2023-12-10 5.0 MEDIUM N/A
The web administration interface for IBM AS/400 Firewall allows remote attackers to cause a denial of service via an empty GET request.
CVE-2000-1138 1 Ibm 1 Lotus Notes 2023-12-10 7.5 HIGH N/A
Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected.
CVE-1999-0128 5 Digital, Ibm, Linux and 2 more 9 Osf 1, Aix, Sng and 6 more 2023-12-10 5.0 MEDIUM N/A
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.
CVE-2002-2025 1 Ibm 1 Lotus Domino Server 2023-12-10 5.0 MEDIUM N/A
Lotus Domino server 5.0.9a and earlier allows remote attackers to cause a denial of service by exhausting the number of working threads via a large number of HTTP requests for (1) an MS-DOS device name and (2) an MS-DOS device name with a large number of characters appended to the device name.
CVE-2003-1282 1 Ibm 1 Net.data 2023-12-10 5.0 MEDIUM N/A
IBM Net.Data allows remote attackers to obtain sensitive information such as path names, server names and possibly user names and passwords by causing the (1) $(DTW_CURRENT_FILENAME), (2) $(DATABASE), (3) $(LOGIN), (4) $(PASSWORD), and possibly other predefined variables that can be echoed back to the user via a web form.
CVE-2001-0052 1 Ibm 1 Db2 Universal Database 2023-12-10 2.1 LOW N/A
IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query.