Filtered by vendor Ibm
Subscribe
Search
Total
2663 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0064 | 1 Ibm | 1 Aix | 2008-09-09 | 7.2 HIGH | N/A |
| Buffer overflow in AIX lquerylv program gives root access to local users. | |||||
| CVE-1999-0057 | 5 Eric Allman, Freebsd, Hp and 2 more | 7 Vacation, Freebsd, Hp-ux and 4 more | 2008-09-09 | 7.5 HIGH | N/A |
| Vacation program allows command execution by remote users through a sendmail command. | |||||
| CVE-1999-0128 | 5 Digital, Ibm, Linux and 2 more | 9 Osf 1, Aix, Sng and 6 more | 2008-09-09 | 5.0 MEDIUM | N/A |
| Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. | |||||
| CVE-1999-0048 | 3 Debian, Ibm, Nec | 5 Netkit, Aix, Asl Ux 4800 and 2 more | 2008-09-09 | 10.0 HIGH | N/A |
| Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges. | |||||
| CVE-1999-0115 | 1 Ibm | 1 Aix | 2008-09-09 | 7.2 HIGH | N/A |
| AIX bugfiler program allows local users to gain root access. | |||||
| CVE-1999-0116 | 1 Ibm | 2 Aix, Sng | 2008-09-09 | 5.0 MEDIUM | N/A |
| Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood. | |||||
| CVE-1999-0117 | 1 Ibm | 1 Aix | 2008-09-09 | 7.2 HIGH | N/A |
| AIX passwd allows local users to gain root access. | |||||
| CVE-1999-0042 | 5 Bsdi, Caldera, Ibm and 2 more | 6 Bsd Os, Openlinux, Aix and 3 more | 2008-09-09 | 10.0 HIGH | N/A |
| Buffer overflow in University of Washington's implementation of IMAP and POP servers. | |||||
| CVE-1999-0041 | 5 Cray, Gnu, Ibm and 2 more | 6 Unicos, Unicos Max, Libc and 3 more | 2008-09-09 | 7.5 HIGH | N/A |
| Buffer overflow in NLS (Natural Language Service). | |||||
| CVE-1999-0091 | 1 Ibm | 1 Aix | 2008-09-09 | 7.2 HIGH | N/A |
| Buffer overflow in AIX writesrv command allows local users to obtain root access. | |||||
| CVE-1999-0130 | 7 Bsdi, Caldera, Eric Allman and 4 more | 7 Bsd Os, Network Desktop, Sendmail and 4 more | 2008-09-09 | 7.2 HIGH | N/A |
| Local users can start Sendmail in daemon mode and gain root privileges. | |||||
| CVE-1999-0092 | 1 Ibm | 1 Aix | 2008-09-09 | 7.2 HIGH | N/A |
| Various vulnerabilities in the AIX portmir command allows local users to obtain root access. | |||||
| CVE-1999-0090 | 1 Ibm | 1 Aix | 2008-09-09 | 7.2 HIGH | N/A |
| Buffer overflow in AIX rcp command allows local users to obtain root access. | |||||
| CVE-1999-0094 | 1 Ibm | 1 Aix | 2008-09-09 | 4.6 MEDIUM | N/A |
| AIX piodmgrsu command allows local users to gain additional group privileges. | |||||
| CVE-1999-0131 | 8 Bsdi, Digital, Eric Allman and 5 more | 9 Bsd Os, Osf 1, Sendmail and 6 more | 2008-09-09 | 7.2 HIGH | N/A |
| Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. | |||||
| CVE-1999-0138 | 7 Apple, Digital, Freebsd and 4 more | 9 A Ux, Osf 1, Freebsd and 6 more | 2008-09-09 | 7.2 HIGH | N/A |
| The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. | |||||
| CVE-1999-0014 | 3 Cde, Hp, Ibm | 4 Cde, Hp-ux, Vvos and 1 more | 2008-09-09 | 7.2 HIGH | N/A |
| Unauthorized privileged access or denial of service via dtappgather program in CDE. | |||||
| CVE-1999-0017 | 9 Caldera, Freebsd, Gnu and 6 more | 11 Openlinux, Freebsd, Inet and 8 more | 2008-09-09 | 7.5 HIGH | N/A |
| FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. | |||||
| CVE-1999-0101 | 1 Ibm | 1 Aix | 2008-09-09 | 10.0 HIGH | N/A |
| Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names. | |||||
| CVE-1999-0019 | 7 Data General, Ibm, Ncr and 4 more | 10 Dg Ux, Aix, Mp-ras and 7 more | 2008-09-09 | 5.0 MEDIUM | N/A |
| Delete or create a file via rpc.statd, due to invalid information. | |||||
| CVE-1999-0087 | 1 Ibm | 1 Aix | 2008-09-09 | 5.0 MEDIUM | N/A |
| Denial of service in AIX telnet can freeze a system and prevent users from accessing the server. | |||||
| CVE-1999-0111 | 1 Ibm | 1 Aix | 2008-09-09 | 5.0 MEDIUM | N/A |
| RIP v1 is susceptible to spoofing. | |||||
| CVE-1999-0113 | 1 Ibm | 1 Aix | 2008-09-09 | 10.0 HIGH | N/A |
| Some implementations of rlogin allow root access if given a -froot parameter. | |||||
| CVE-1999-0086 | 1 Ibm | 1 Aix | 2008-09-09 | 5.0 MEDIUM | N/A |
| AIX routed allows remote users to modify sensitive files. | |||||
| CVE-2007-5559 | 1 Ibm | 1 Thinkvantage Tpm | 2008-09-05 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2007-5757 | 1 Ibm | 1 Db2 Universal Database | 2008-09-05 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library. NOTE: this might be the same issue as CVE-2008-0697. | |||||
| CVE-2007-4309 | 1 Ibm | 1 Lotus Notes | 2008-09-05 | 3.5 LOW | N/A |
| IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696. | |||||
| CVE-2007-3676 | 1 Ibm | 1 Db2 | 2008-09-05 | 10.0 HIGH | N/A |
| IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via modified pointer values in unspecified remote administration requests, which triggers memory corruption or other invalid memory access. NOTE: this might be the same issue as CVE-2008-0698. | |||||
| CVE-2007-1941 | 1 Ibm | 1 Lotus Notes | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in Domino Web Access (DWA) in IBM Lotus Notes before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via a multipart/related e-mail message, a different issue than CVE-2006-4843. | |||||
| CVE-2006-7164 | 3 Ibm, Linux, Unix | 3 Websphere Application Server, Linux Kernel, Unix | 2008-09-05 | 4.3 MEDIUM | N/A |
| SimpleFileServlet in IBM WebSphere Application Server 5.0.1 through 5.0.2.7 on Linux and UNIX does not block certain invalid URIs and does not issue a security challenge, which allows remote attackers to read secure files and obtain sensitive information via certain requests. | |||||
| CVE-2006-6638 | 1 Ibm | 1 Db2 Universal Database | 2008-09-05 | 5.0 MEDIUM | N/A |
| IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257. | |||||
| CVE-2006-6836 | 1 Ibm | 1 Os 400 | 2008-09-05 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in osp-cert in IBM OS/400 V5R3M0 have unspecified impact and attack vectors, related to ASN.1 parsing. | |||||
| CVE-2006-3778 | 1 Ibm | 1 Lotus Notes | 2008-09-05 | 5.0 MEDIUM | N/A |
| IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to e-mail messages with alternate name users when the (1) "Save As Draft" option is used or (2) a "," (comma) is inside the "phrase" portion of an address, which can cause the e-mail to be sent to users that were deleted from the To, CC, and BCC fields, which allows remote attackers to obtain the list of original recipients. | |||||
| CVE-2006-1948 | 1 Ibm | 1 Lotus Notes | 2008-09-05 | 4.0 MEDIUM | N/A |
| The "Add Sender to Address Book" operation (AddSenderToAddressBook.lss) and NameHelper.lss in IBM Lotus Notes 6.0 and 6.5 before 20060331 do not properly store information in the Personal Address Book when multiple messages are checked and a message uses AltFrom, which might allow user-assisted remote attackers to trick a user into sending e-mail to an unauthorized recipient. | |||||
| CVE-2005-4736 | 1 Ibm | 1 Db2 Universal Database | 2008-09-05 | 6.8 MEDIUM | N/A |
| IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks. | |||||
| CVE-2005-4739 | 1 Ibm | 1 Db2 Universal Database | 2008-09-05 | 6.8 MEDIUM | N/A |
| IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s050811) allows remote authenticated users to cause a denial of service (application crash) by using a table function for an instance of snapshot_tbreorg, which triggers a trap in sqlnr_EStoE_action. | |||||
| CVE-2005-4738 | 1 Ibm | 1 Db2 Universal Database | 2008-09-05 | 6.5 MEDIUM | N/A |
| IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges. | |||||
| CVE-2005-4737 | 1 Ibm | 1 Db2 Universal Database | 2008-09-05 | 7.5 HIGH | N/A |
| IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by "abnormally" terminating a connection, which prevents db2agents from being properly cleared. | |||||
| CVE-2005-4735 | 1 Ibm | 1 Db2 Universal Database | 2008-09-05 | 6.8 MEDIUM | N/A |
| IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817. | |||||
| CVE-2005-4740 | 1 Ibm | 1 Db2 Universal Database | 2008-09-05 | 4.0 MEDIUM | N/A |
| IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by "connecting from a downlevel client." | |||||
| CVE-2005-4413 | 1 Ibm | 1 Websphere Application Server | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in sample scripts in IBM WebSphere Application Server 6 allow remote attackers to inject arbitrary web script or HTML via the (1) E-mail address field to (a) PlantsByWebSphere/login.jsp, (2) message field to (b) TechnologySample/BulletinBoard Script, (3) Email address field to (c) TechnologySamples/Subscription, and the (4) Movie Name, (5) Movie Reviewer, and (6) Movie Review fields to (d) TechnologySamples/MovieReview2_1. | |||||
| CVE-2005-3642 | 1 Ibm | 1 Informix Dynamic Database Server | 2008-09-05 | 7.5 HIGH | N/A |
| IBM Informix Dynamic Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account by supplying an invalid username. | |||||
| CVE-2005-3643 | 1 Ibm | 1 Db2 Universal Database | 2008-09-05 | 7.5 HIGH | N/A |
| IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password. | |||||
| CVE-2005-3289 | 1 Ibm | 1 Aix | 2008-09-05 | 2.1 LOW | N/A |
| LSCFG in IBM AIX 5.2 and 5.3 does not create temporary files securely, which allows local users to corrupt /etc/passwd and possibly other system files via the trace file. | |||||
| CVE-2005-3015 | 1 Ibm | 2 Lotus Domino, Lotus Domino Enterprise Server | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) BaseTarget or (2) Src parameters. | |||||
| CVE-2005-2238 | 1 Ibm | 1 Aix | 2008-09-05 | 2.1 LOW | N/A |
| ftpd in IBM AIX 5.1, 5.2 and 5.3 allows remote authenticated users to cause a denial of service (port exhaustion and memory consumption) by using all ephemeral ports. | |||||
| CVE-2005-2175 | 1 Ibm | 1 Lotus Notes | 2008-09-05 | 5.0 MEDIUM | N/A |
| The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies. | |||||
| CVE-2005-2237 | 1 Ibm | 1 Aix | 2008-09-05 | 7.2 HIGH | N/A |
| Format string vulnerability in the swcons command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via long command line arguments. | |||||
| CVE-2005-2235 | 1 Ibm | 1 Aix | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments. | |||||
| CVE-2005-2232 | 1 Ibm | 1 Aix | 2008-09-05 | 4.6 MEDIUM | N/A |
| Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow local users to execute arbitrary code via a long command line argument. | |||||