Filtered by vendor Ibm
Subscriptions
Total
8294 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-2018 | 1 Ibm | 2 Integration Bus, Websphere Message Broker | 2025-04-12 | N/A |
| IBM Integration Bus 9 and 10 before 10.0.0.1 and WebSphere Message Broker 7 before 7.0.0.8 and 8 before 8.0.0.7 do not ensure that the correct security profile is selected, which allows remote authenticated users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2016-2946 | 2 Ibm, Linux | 2 Tivoli Monitoring, Linux Kernel | 2025-04-12 | N/A |
| Stack-based buffer overflow in the ax Shared Libraries in the Agent in IBM Tivoli Monitoring (ITM) 6.2.2 before FP9, 6.2.3 before FP5, and 6.3.0 before FP2 on Linux and UNIX allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2015-2019 | 1 Ibm | 1 Tivoli Directory Server | 2025-04-12 | N/A |
| IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, 6.3 before iFix 37, 6.3.1 before iFix 11, and 6.4 before iFix 2 does not prevent caching of documents retrieved in SSL sessions, which allows physically proximate attackers to obtain sensitive information by leveraging an unattended workstation. | ||||
| CVE-2016-2944 | 1 Ibm | 1 Bigfix Remote Control | 2025-04-12 | N/A |
| IBM BigFix Remote Control before 9.1.3 does not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach. | ||||
| CVE-2016-2943 | 1 Ibm | 1 Bigfix Remote Control | 2025-04-12 | N/A |
| IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by leveraging unspecified privileges to read a log file. | ||||
| CVE-2016-2940 | 1 Ibm | 1 Bigfix Remote Control | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in IBM BigFix Remote Control before 9.1.3 allow remote attackers to obtain sensitive information via unknown vectors. | ||||
| CVE-2015-2023 | 2 Ibm, Microsoft | 2 I Access, Windows | 2025-04-12 | N/A |
| Buffer overflow in IBM i Access 7.1 on Windows allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2016-2937 | 1 Ibm | 1 Bigfix Remote Control | 2025-04-12 | N/A |
| IBM BigFix Remote Control before 9.1.3 allows remote attackers to obtain sensitive information or spoof e-mail transmission via a crafted POST request, related to an "untrusted information vulnerability." | ||||
| CVE-2016-2935 | 1 Ibm | 1 Bigfix Remote Control | 2025-04-12 | N/A |
| The broker application in IBM BigFix Remote Control before 9.1.3 allows remote attackers to cause a denial of service via an invalid HTTP request. | ||||
| CVE-2016-2934 | 1 Ibm | 1 Bigfix Remote Control | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2016-2933 | 1 Ibm | 1 Bigfix Remote Control | 2025-04-12 | N/A |
| Directory traversal vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authenticated administrators to read arbitrary files via a crafted request. | ||||
| CVE-2016-2932 | 1 Ibm | 1 Bigfix Remote Control | 2025-04-12 | N/A |
| IBM BigFix Remote Control before 9.1.3 allows remote attackers to conduct XML injection attacks via unspecified vectors. | ||||
| CVE-2015-2025 | 1 Ibm | 1 Websphere Extreme Scale | 2025-04-12 | N/A |
| IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | ||||
| CVE-2015-2027 | 1 Ibm | 1 Websphere Extreme Scale | 2025-04-12 | N/A |
| IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 improperly performs logout actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation. | ||||
| CVE-2016-2931 | 1 Ibm | 1 Bigfix Remote Control | 2025-04-12 | N/A |
| IBM BigFix Remote Control before 9.1.3 allows remote attackers to obtain sensitive cleartext information by sniffing the network. | ||||
| CVE-2016-2929 | 1 Ibm | 1 Bigfix Remote Control | 2025-04-12 | N/A |
| IBM BigFix Remote Control before 9.1.3 does not properly restrict password choices, which makes it easier for remote attackers to obtain access via a brute-force approach. | ||||
| CVE-2016-2928 | 1 Ibm | 1 Bigfix Remote Control | 2025-04-12 | N/A |
| IBM BigFix Remote Control before 9.1.3 allows remote authenticated users to obtain sensitive information by reading error logs. | ||||
| CVE-2016-2923 | 1 Ibm | 1 Websphere Application Server | 2025-04-12 | N/A |
| IBM WebSphere Application Server (WAS) 8.5 through 8.5.5.9 Liberty before Liberty Fix Pack 16.0.0.2 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified JAX-RS API cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. | ||||
| CVE-2015-2030 | 1 Ibm | 1 Websphere Extreme Scale | 2025-04-12 | N/A |
| IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 has an improper account-lockout setting, which makes it easier for remote attackers to obtain access via a brute-force attack. | ||||
| CVE-2015-2031 | 1 Ibm | 1 Websphere Extreme Scale | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | ||||