Search Results (8339 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-2964 1 Ibm 1 Sametime 2025-04-20 N/A
IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error message to a user that is too detailed and may reveal details about the application. IBM X-Force ID: 113813.
CVE-2016-3034 1 Ibm 1 Security Appscan Source 2025-04-20 N/A
IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information, which could allow a local attacker to decrypt information more easily.
CVE-2016-2866 1 Ibm 1 Rational Collaborative Lifecycle Management 2025-04-20 N/A
An unspecified vulnerability in IBM Jazz Team Server may disclose some deployment information to an authenticated user.
CVE-2015-0194 1 Ibm 2 Sterling B2b Integrator, Sterling File Gateway 2025-04-20 N/A
XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allows remote attackers to read arbitrary files via a crafted XML data.
CVE-2016-10086 5 Ca, Ibm, Linux and 2 more 6 Service Desk Management, Service Desk Manager, Aix and 3 more 2025-04-20 N/A
RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request.
CVE-2016-10503 1 Ibm 1 Sametime 2025-04-20 N/A
IBM Sametime Meeting Server 8.5.2 and 9.0 could allow an authenticated and invited user of Sametime meeting to lower any or all hands in an e-meeting, thus spoofing results of votes in the meeting. IBM X-Force ID: 113803.
CVE-2015-0162 1 Ibm 1 Security Siteprotector System 2025-04-20 N/A
IBM Security SiteProtector System 3.0, 3.1, and 3.1.1 allows local users to gain privileges.
CVE-2016-0394 1 Ibm 2 Integration Bus, Websphere Message Broker 2025-04-20 N/A
IBM Integration Bus and WebSphere Message broker sets incorrect permissions for an object that could allow a local attacker to manipulate certain files.
CVE-2016-0396 1 Ibm 1 Bigfix Platform 2025-04-20 N/A
IBM Tivoli Endpoint Manager could allow a user under special circumstances to inject commands that would be executed with unnecessary higher privileges than expected.
CVE-2015-5013 1 Ibm 6 Security Access Manager 9.0, Security Access Manager 9.0 Firmware, Security Access Manager For Mobile and 3 more 2025-04-20 5.5 Medium
The IBM Security Access Manager appliance includes configuration files that contain obfuscated plaintext-passwords which authenticated users can access.
CVE-2015-0114 1 Ibm 1 I Access For Windows 2025-04-20 N/A
Stack-based buffer overflow in IBM V5R4, and IBM i Access for Windows 6.1 and 7.1.
CVE-2016-0382 1 Ibm 1 Tealeaf Consumer Experience 2025-04-20 N/A
The IBM Tealeaf Consumer Experience 8.7, 8.8, and 9.0 portal exposes some of its operational state in a form that may be accidentally captured and exposed by network infrastructure components such as IIS. IBM X-Force ID: 112356.
CVE-2015-0110 1 Ibm 2 Business Process Manager, Websphere Application Server 2025-04-20 N/A
IBM Business Process Manager (aka BPM) 7.5.x, 8.0.x, and 8.5.x and WebSphere Lombardi Edition (aka WLE) 7.2.x allow remote authenticated users to bypass intended access restrictions on internal service types via vectors involving the executeServiceByName URL.
CVE-2015-0107 1 Ibm 11 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 8 more 2025-04-20 N/A
IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database 7.1 through 7.1.1.8 and 7.2 and Maximo Asset Management and Maximo Industry Solutions 7.1 through 7.1.1.8, 7.5 before 7.5.0.7 IFIX003, and 7.6 before 7.6.0.0 IFIX002 allow remote authenticated users to conduct directory traversal attacks via unspecified vectors.
CVE-2015-0104 1 Ibm 11 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 8 more 2025-04-20 N/A
IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database 7.1 through 7.1.1.8 and 7.2 and Maximo Asset Management and Maximo Industry Solutions 7.1 through 7.1.1.8, 7.5 before 7.5.0.7 IFIX003, and 7.6 before 7.6.0.0 IFIX002 allow remote authenticated users to execute arbitrary code via unspecified vectors.
CVE-2015-0101 1 Ibm 1 Business Process Manager 2025-04-20 N/A
Cross-site scripting (XSS) vulnerability in IBM Business Process Manager Standard 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5; IBM Business Process Manager Express 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5; and IBM Business Process Manager Advanced 7.5.x before 7.5, 8.0.x before 8.0.1, 8.5.x before 8.5.5.
CVE-2014-9565 1 Ibm 4 En6131, En6131 Firmware, Ib6131 and 1 more 2025-04-20 N/A
Cross-site request forgery (CSRF) vulnerability in IBM Flex System EN6131 40Gb Ethernet and IB6131 40Gb Infiniband Switch firmware 3.4.0000 and earlier.
CVE-2014-9564 1 Ibm 4 En6131, En6131 Firmware, Ib6131 and 1 more 2025-04-20 N/A
CRLF injection vulnerability in IBM Flex System EN6131 40Gb Ethernet and IB6131 40Gb Infiniband Switch firmware before 3.4.1110 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks and resulting web cache poisoning or cross-site scripting (XSS) attacks, or obtain sensitive information via multiple unspecified parameters.
CVE-2016-0371 6 Apple, Hp, Ibm and 3 more 7 Mac Os X, Hp-ux, Aix and 4 more 2025-04-20 5.5 Medium
The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled.
CVE-2016-0360 1 Ibm 1 Websphere Mq Jms 2025-04-20 N/A
IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding vulnerable classes to the classpath. IBM Reference #: 1983457.