Filtered by vendor Ibm
Subscribe
Total
7312 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-6136 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 10.0 HIGH | N/A |
| IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) does not perform EAL4 authentication checks at the proper time during "registering of response operation," which has unknown impact and attack vectors. | |||||
| CVE-2006-6135 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) have unknown impact and attack vectors, related to (1) a "Potential security vulnerability" (PK29725) and (2) "Potential security exposure" (PK30831). | |||||
| CVE-2006-5855 | 1 Ibm | 1 Tivoli Storage Manager | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message. | |||||
| CVE-2006-5835 | 1 Ibm | 1 Lotus Notes | 2024-11-21 | 5.0 MEDIUM | N/A |
| The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file. | |||||
| CVE-2006-5818 | 1 Ibm | 1 Lotus Domino | 2024-11-21 | 7.2 HIGH | N/A |
| Multiple buffer overflows in tunekrnl in IBM Lotus Domino 6.x before 6.5.5 FP2 and 7.x before 7.0.2 allow local users to gain privileges and execute arbitrary code via unspecified vectors. | |||||
| CVE-2006-5664 | 1 Ibm | 3 Informix Client Sdk, Informix Dynamic Server, Informix I-connect | 2024-11-21 | 4.6 MEDIUM | N/A |
| The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files. | |||||
| CVE-2006-5663 | 1 Ibm | 3 Informix Client Sdk, Informix Dynamic Server, Informix I-connect | 2024-11-21 | 4.6 MEDIUM | N/A |
| IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts. | |||||
| CVE-2006-5324 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 7.5 HIGH | N/A |
| The Web Services Notification (WSN) security component of IBM WebSphere Application Server before 6.1.0.2 allows attackers to obtain unspecified access without supplying a username and password, aka PK28374. | |||||
| CVE-2006-5323 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in IBM WebSphere Application Server before 6.1.0.2 has unspecified impact and attack vectors, related to a "possible security exposure," aka PK29360. | |||||
| CVE-2006-5163 | 1 Ibm | 1 Informix Dynamic Server | 2024-11-21 | 3.6 LOW | N/A |
| IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and possibly other versions creates /tmp/installserver.txt with insecure permissions, which allows local users to append data to arbitrary files via a symlink attack. | |||||
| CVE-2006-5161 | 1 Ibm | 1 Client Security Password Manager | 2024-11-21 | 6.4 MEDIUM | N/A |
| IBM Client Security Password Manager stores and distributes saved passwords based upon the title of a website, which allows remote attackers to obtain username and password credentials by changing the title of an HTML page. | |||||
| CVE-2006-5011 | 1 Ibm | 1 Aix | 2024-11-21 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in snappd in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via a Trojan horse program, involving the "system subroutine". | |||||
| CVE-2006-5010 | 1 Ibm | 1 Aix | 2024-11-21 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in acctctl in IBM AIX 5.3.0 allows local users to execute arbitrary commands by modifying the path to point to a malicious mkdir program. | |||||
| CVE-2006-5009 | 1 Ibm | 1 Aix | 2024-11-21 | 7.2 HIGH | N/A |
| Unspecified vulnerability in xlock in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands and overwrite arbitrary files via unspecified vectors, possibly involving a buffer overflow. | |||||
| CVE-2006-5008 | 1 Ibm | 1 Aix | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows attackers to execute arbitrary commands and overwrite arbitrary files via unspecified vectors. | |||||
| CVE-2006-5007 | 1 Ibm | 1 Aix | 2024-11-21 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability in uucp in IBM AIX 5.2.0 and 5.3.0 allows local users to local users to gain privileges via a Trojan horse program involving uux. | |||||
| CVE-2006-5006 | 1 Ibm | 1 Aix | 2024-11-21 | 7.2 HIGH | N/A |
| Buffer overflow in cfgmgr in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long directory path argument. | |||||
| CVE-2006-5005 | 1 Ibm | 1 Aix | 2024-11-21 | 7.2 HIGH | N/A |
| Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login. | |||||
| CVE-2006-5004 | 1 Ibm | 1 Aix | 2024-11-21 | 2.1 LOW | N/A |
| Unspecified vulnerability in the rdist command in IBM AIX 5.2.0 and 5.3.0 allows local users to overwrite arbitrary files via unspecified vectors. | |||||
| CVE-2006-5003 | 1 Ibm | 1 Aix | 2024-11-21 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the named8 command in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors. | |||||