Filtered by vendor Ibm
Subscribe
Total
7776 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1313 | 1 Ibm | 1 Lotus Domino R5 | 2023-11-07 | 7.5 HIGH | N/A |
| Lotus Domino R5 before R5.0.7a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via miscellaneous packets with semi-valid BER encodings, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2000-0505 | 2 Apache, Ibm | 2 Http Server, Http Server | 2023-11-07 | 5.0 MEDIUM | N/A |
| The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters. | |||||
| CVE-2000-1215 | 1 Ibm | 1 Lotus Domino | 2023-11-07 | 5.0 MEDIUM | N/A |
| The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information. | |||||
| CVE-1999-0088 | 1 Ibm | 1 Aix | 2023-11-07 | 10.0 HIGH | N/A |
| IRIX and AIX automountd services (autofsd) allow remote users to execute root commands. | |||||
| CVE-2023-46158 | 1 Ibm | 1 Websphere Application Server Liberty | 2023-11-01 | N/A | 9.8 CRITICAL |
| IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide weaker than expected security due to improper resource expiration handling. IBM X-Force ID: 268775. | |||||
| CVE-2023-42031 | 2 Ibm, Linux | 4 Aix, Cics Tx, Txseries For Multiplatforms and 1 more | 2023-10-31 | N/A | 4.9 MEDIUM |
| IBM TXSeries for Multiplatforms, 8.1, 8.2, and 9.1, CICS TX Standard CICS TX Advanced 10.1 and 11.1 could allow a privileged user to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 266016. | |||||
| CVE-2023-43045 | 1 Ibm | 1 Sterling Partner Engagement Manager | 2023-10-28 | N/A | 7.5 HIGH |
| IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to perform unauthorized actions due to improper authentication. IBM X-Force ID: 266896. | |||||
| CVE-2023-33840 | 1 Ibm | 1 Security Verify Governance | 2023-10-28 | N/A | 4.8 MEDIUM |
| IBM Security Verify Governance 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 256037. | |||||
| CVE-2023-38722 | 1 Ibm | 1 Sterling Partner Engagement Manager | 2023-10-28 | N/A | 5.4 MEDIUM |
| IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 262174. | |||||
| CVE-2023-33839 | 1 Ibm | 1 Security Verify Governance | 2023-10-28 | N/A | 8.8 HIGH |
| IBM Security Verify Governance 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 256036. | |||||
| CVE-2022-22466 | 1 Ibm | 1 Security Verify Governance | 2023-10-28 | N/A | 9.8 CRITICAL |
| IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 225222. | |||||
| CVE-2023-38275 | 1 Ibm | 1 Cognos Dashboards On Cloud Pak For Data | 2023-10-27 | N/A | 7.5 HIGH |
| IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in container images which could lead to further attacks against the system. IBM X-Force ID: 260730. | |||||
| CVE-2023-38276 | 1 Ibm | 1 Cognos Dashboards On Cloud Pak For Data | 2023-10-27 | N/A | 7.5 HIGH |
| IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in environment variables which could aid in further attacks against the system. IBM X-Force ID: 260736. | |||||
| CVE-2023-38735 | 1 Ibm | 1 Cognos Dashboards On Cloud Pak For Data | 2023-10-27 | N/A | 6.5 MEDIUM |
| IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a victim to a phishing site. IBM X-Force ID: 262482. | |||||
| CVE-2023-38280 | 1 Ibm | 1 Hardware Management Console | 2023-10-19 | N/A | 7.8 HIGH |
| IBM HMC (Hardware Management Console) 10.1.1010.0 and 10.2.1030.0 could allow a local user to escalate their privileges to root access on a restricted shell. IBM X-Force ID: 260740. | |||||
| CVE-2023-35013 | 1 Ibm | 1 Security Verify Governance | 2023-10-19 | N/A | 4.4 MEDIUM |
| IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769. | |||||
| CVE-2023-40377 | 1 Ibm | 1 I | 2023-10-19 | N/A | 7.8 HIGH |
| Backup, Recovery, and Media Services (BRMS) for IBM i 7.2, 7.3, and 7.4 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component access to the host operating system. IBM X-Force ID: 263583. | |||||
| CVE-2023-33836 | 1 Ibm | 1 Security Verify Governance | 2023-10-19 | N/A | 9.8 CRITICAL |
| IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 256016. | |||||
| CVE-2023-35018 | 1 Ibm | 1 Security Verify Governance | 2023-10-19 | N/A | 7.2 HIGH |
| IBM Security Verify Governance 10.0 could allow a privileged use to upload arbitrary files due to improper file validation. IBM X-Force ID: 259382. | |||||
| CVE-2023-45176 | 1 Ibm | 2 App Connect Enterprise, Integration Bus | 2023-10-19 | N/A | 5.5 MEDIUM |
| IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.10.0 and IBM Integration Bus 10.1 through 10.1.0.1 are vulnerable to a denial of service for integration nodes on Windows. IBM X-Force ID: 247998. | |||||