Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Total 6987 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2000-1110 1 Ibm 1 Net.data 2023-12-10 5.0 MEDIUM N/A
document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program.
CVE-2001-1330 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long command line argument.
CVE-2001-0122 1 Ibm 2 Http Server, Websphere Application Server 2023-12-10 5.0 MEDIUM N/A
Kernel leak in AfpaCache module of the Fast Response Cache Accelerator (FRCA) component of IBM HTTP Server 1.3.x and Websphere 3.52 allows remote attackers to cause a denial of service via a series of malformed HTTP requests that generate a "bad request" error.
CVE-2002-0790 1 Ibm 1 Aix 2023-12-10 2.1 LOW N/A
clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges.
CVE-2001-0573 1 Ibm 1 Aix 2023-12-10 4.6 MEDIUM N/A
lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory.
CVE-2003-1527 2 Ibm, Iss 2 Internet Security Systems Blackice Defender, Blackice Server Protection 2023-12-10 4.3 MEDIUM N/A
BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.
CVE-2001-0671 1 Ibm 1 Aix 2023-12-10 10.0 HIGH N/A
Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges.
CVE-1999-1414 1 Ibm 1 Netfinity Remote Control 2023-12-10 7.2 HIGH N/A
IBM Netfinity Remote Control allows local users to gain administrator privileges by starting programs from the process manager, which runs with system level privileges.
CVE-2000-0652 1 Ibm 1 Websphere Application Server 2023-12-10 5.0 MEDIUM N/A
IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string.
CVE-2002-1168 1 Ibm 1 Websphere Caching Proxy Server 2023-12-10 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP request that contains an Location: header with a "%0a%0d" (CRLF) sequence, which echoes the Location as an HTTP header in the server response.
CVE-2003-0914 9 Compaq, Freebsd, Hp and 6 more 10 Tru64, Freebsd, Hp-ux and 7 more 2023-12-10 4.3 MEDIUM N/A
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
CVE-2001-1189 1 Ibm 1 Websphere Application Server 2023-12-10 4.6 MEDIUM N/A
IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.props file, which allows local users to obtain the passwords via a JSP script.
CVE-2004-1082 8 Apache, Apple, Avaya and 5 more 14 Http Server, Apache Mod Digest Apple, Communication Manager and 11 more 2023-12-10 7.5 HIGH N/A
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
CVE-2001-1080 1 Ibm 1 Aix 2023-12-10 10.0 HIGH N/A
diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable to find and execute certain programs, which allows local users to gain privileges by modifying the variable to point to a Trojan horse program.
CVE-1999-1117 1 Ibm 1 Aix 2023-12-10 2.1 LOW N/A
lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter.
CVE-2001-1554 1 Ibm 1 Aix 2023-12-10 5.0 MEDIUM N/A
IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets.
CVE-2004-0493 5 Apache, Avaya, Gentoo and 2 more 8 Http Server, Converged Communications Server, S8300 and 5 more 2023-12-10 6.4 MEDIUM N/A
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
CVE-2000-0249 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program.
CVE-2000-1124 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Buffer overflow in piobe command in IBM AIX 4.3.x allows local users to gain privileges via long environmental variables.
CVE-2001-0856 1 Ibm 1 4758 2023-12-10 4.6 MEDIUM N/A
Common Cryptographic Architecture (CCA) in IBM 4758 allows an attacker with physical access to the system and Combine_Key_Parts permissions, to steal DES and 3DES keys by using a brute force attack to create a 3DES exporter key.