Search Results (8339 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-1916 1 Ibm 1 Java 2026-05-27 7.5 High
Unspecified vulnerability in IBM Java 8 before SR1 allows remote attackers to cause a denial of service via unknown vectors related to SSL/TLS and the Secure Socket Extension provider.
CVE-2026-8633 1 Ibm 2 Web Server Plug Ins For Websphere Application Server And Websphere Liberty, Websphere Application Server 2026-05-27 9.8 Critical
IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to remote code execution in the Web Server Plug-ins, through a specially crafted request.
CVE-2026-8855 3 Ibm, Linux, Microsoft 5 Aix, Http Server, Z\/os and 2 more 2026-05-27 8.1 High
IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authentication).
CVE-2015-4000 13 Apple, Canonical, Debian and 10 more 31 Iphone Os, Mac Os X, Safari and 28 more 2026-05-27 3.7 Low
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
CVE-2015-0192 3 Ibm, Redhat, Suse 10 Java, Enterprise Linux Desktop, Enterprise Linux Server and 7 more 2026-05-27 9.8 Critical
Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.
CVE-2026-4051 1 Ibm 1 Engineering Lifecycle Management 2026-05-27 7.2 High
IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an attacker with administrative privileges to execute remote code due to exposed method that is not properly restricted.
CVE-2025-13755 1 Ibm 1 Db2 2026-05-27 5.5 Medium
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes DB2 Connect Server) stores potentially sensitive information in log files that could be read by a local user.
CVE-2026-8856 3 Ibm, Linux, Microsoft 5 Aix, Http Server, Z\/os and 2 more 2026-05-27 7.7 High
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration.
CVE-2026-8850 3 Ibm, Linux, Microsoft 5 Aix, Http Server, Z\/os and 2 more 2026-05-26 7.5 High
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_ibm_upload.
CVE-2026-8852 3 Ibm, Linux, Microsoft 5 Aix, Http Server, Z\/os and 2 more 2026-05-26 6.2 Medium
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_fastcgi module.
CVE-2026-8834 3 Ibm, Linux, Microsoft 5 Aix, Http Server, Z\/os and 2 more 2026-05-26 8 High
IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service.
CVE-2026-8835 3 Ibm, Linux, Microsoft 5 Aix, Http Server, Z\/os and 2 more 2026-05-26 7.3 High
IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service.
CVE-2026-8854 3 Ibm, Linux, Microsoft 5 Aix, Http Server, Z\/os and 2 more 2026-05-26 7.5 High
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache.
CVE-2026-5935 1 Ibm 3 Total Storage Service Console, Total Storage Service Console Tssc Ts4500 Imc, Ts4500 Imc 2026-05-18 7.3 High
IBM Total Storage Service Console (TSSC) / TS4500 IMC 9.2, 9.3, 9.4, 9.5, 9.6 TSSC/IMC could allow an unauthenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input.
CVE-2025-36074 1 Ibm 2 Security Verify Directory, Security Verify Directory Container 2026-05-13 5.5 Medium
IBM Security Verify Directory (Container) 10.0.0 through 10.0.0.3 IBM Security Verify Directory could be vulnerable to malicious file upload by not validating file type. A privileged user could upload malicious files into the system that can be sent to victims for performing further attacks against the system.
CVE-2026-5926 1 Ibm 4 Security Verify Access, Security Verify Access Container, Verify Identity Access and 1 more 2026-05-13 6.5 Medium
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVE-2026-3621 1 Ibm 2 Websphere Application Server, Websphere Application Server Liberty 2026-05-13 7.5 High
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.4 IBM WebSphere Application Server Liberty is vulnerable to identity spoofing under limited conditions when an application is deployed without authentication and authorization configured.
CVE-2025-36335 1 Ibm 2 Watsonx.data, Watsonxdata Intelligence 2026-05-12 6.2 Medium
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.3.0, 5.3.1 stores user credentials in plain text which can be read by a local user.
CVE-2025-36180 1 Ibm 2 Watsonx.data, Watsonxdata 2026-05-12 5.3 Medium
IBM watsonx.data 2.2 through 2.3 IBM Lakehouse does not properly restrict communication between pods which could allow an attacker to transfer data between pods without restrictions.
CVE-2026-4503 2 Ibm, Langflow 2 Langflow Desktop, Langflow Desktop 2026-05-11 7.5 High
IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow could allow an unauthenticated user to view other users' images due to an indirect object reference through a user-controlled key.