Filtered by vendor Ibm
Subscriptions
Total
8337 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-0211 | 1 Ibm | 2 Db2, Db2 Connect | 2025-04-12 | N/A |
| IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted DRDA message. | ||||
| CVE-2016-0208 | 1 Ibm | 1 Websphere Commerce | 2025-04-12 | N/A |
| IBM WebSphere Commerce 6.x through 6.0.0.11, 7.x through 7.0.0.9, and 8.x before 8.0.0.3 allows remote attackers to cause a denial of service (order-processing outage) via unspecified vectors. | ||||
| CVE-2016-0204 | 1 Ibm | 1 Cloud Orchestrator | 2025-04-12 | N/A |
| Open redirect vulnerability in IBM Cloud Orchestrator 2.4.x before 2.4.0 FP3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2013-6304 | 1 Ibm | 2 Algo One, Algo Risk Application | 2025-04-12 | N/A |
| Multiple directory traversal vulnerabilities in Algo Risk Application (ARA) 2.4.0.1 through 4.9.1 in IBM Algo One allow remote authenticated users to bypass intended access restrictions via a crafted pathname for a (1) configuration or (2) JAR file. | ||||
| CVE-2016-0201 | 1 Ibm | 1 Security Network Protection Firmware | 2025-04-12 | N/A |
| GSKit in IBM Security Network Protection 5.3.1 before 5.3.1.7 and 5.3.2 allows remote attackers to discover credentials by triggering an MD5 collision. | ||||
| CVE-2013-6308 | 1 Ibm | 1 Marketing Platform | 2025-04-12 | N/A |
| IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to conduct phishing attacks and capture login credentials via an unspecified injection. | ||||
| CVE-2013-6309 | 1 Ibm | 1 Marketing Platform | 2025-04-12 | N/A |
| IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to hijack sessions, and consequently read records, modify records, or conduct transactions, via an unspecified link injection. | ||||
| CVE-2013-6310 | 1 Ibm | 1 Marketing Platform | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-6311 | 1 Ibm | 1 Marketing Platform | 2025-04-12 | N/A |
| SQL injection vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-6314 | 1 Ibm | 2 Enterprise Records, Infosphere Enterprise Records | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM InfoSphere Enterprise Records 4.5.1 before 4.5.1.7-IER-IF001 and Enterprise Records 5.1.1 before 5.1.1.1-IER-IF003 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-6315 | 1 Ibm | 2 Enterprise Records, Infosphere Enterprise Records | 2025-04-12 | N/A |
| IBM InfoSphere Enterprise Records 4.5.1 before 4.5.1.7-IER-IF001 and Enterprise Records 5.1.1 before 5.1.1.1-IER-IF003 do not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site. | ||||
| CVE-2016-5878 | 1 Ibm | 1 Filenet Workplace | 2025-04-12 | N/A |
| Open redirect vulnerability in IBM FileNet Workplace 4.0.2 before 4.0.2.14 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2015-5051 | 1 Ibm | 9 Maximo Asset Management, Maximo Asset Management Essentials, Maximo For Government and 6 more | 2025-04-12 | N/A |
| IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.2 IF1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.2 IF1 for SmartCloud Control Desk allow remote authenticated users to bypass intended access restrictions on query results via unspecified vectors. | ||||
| CVE-2013-6713 | 1 Ibm | 1 Tivoli Storage Manager For Virtual Environments | 2025-04-12 | N/A |
| The Data Protection for VMware component in IBM Tivoli Storage Manager for Virtual Environments (TSMVE) 6.3 through 7.1.0.2 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service (disk consumption) via unspecified GUI actions. | ||||
| CVE-2013-6714 | 1 Ibm | 1 Tivoli Storage Flashcopy Manager | 2025-04-12 | N/A |
| The FlashCopy Manager for VMware component in IBM Tivoli Storage FlashCopy Manager 3.1 through 4.1.0.1 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service (data overwrite or disk consumption) via unspecified GUI actions. | ||||
| CVE-2016-5879 | 1 Ibm | 3 Mq Appliance Firmware, Mq Appliance M2000, Mq Appliance M2001 | 2025-04-12 | N/A |
| MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local users to execute arbitrary shell commands via a crafted (1) Disaster Recovery or (2) High Availability command. | ||||
| CVE-2013-6720 | 1 Ibm | 1 Tealeaf Cx | 2025-04-12 | N/A |
| Directory traversal vulnerability in download.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to bypass intended access restrictions via a .. (dot dot) in the log parameter, as demonstrated using a crafted request for a customer-support file, as demonstrated by a log file. | ||||
| CVE-2016-5890 | 1 Ibm | 1 Sterling B2b Integrator | 2025-04-12 | N/A |
| IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before 5020602_1 allows remote authenticated users to change arbitrary passwords via unspecified vectors. | ||||
| CVE-2016-5905 | 1 Ibm | 1 Maximo Asset Management | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5 before 7.5.0.10 IF3 and 7.6 before 7.6.0.5 IF2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2016-5920 | 1 Ibm | 1 Financial Transaction Manager | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the Web UI in IBM Financial Transaction Manager (FTM) for ACH Services 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||