Filtered by vendor Ibm
Subscriptions
Total
7881 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-5002 | 1 Ibm | 1 Host On-demand | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Host On-Demand 11.0 through 11.0.14 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2016-2957 | 1 Ibm | 1 Connections | 2025-04-12 | N/A |
| IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to obtain sensitive information by reading a stack trace in a response. | ||||
| CVE-2016-5890 | 1 Ibm | 1 Sterling B2b Integrator | 2025-04-12 | N/A |
| IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before 5020602_1 allows remote authenticated users to change arbitrary passwords via unspecified vectors. | ||||
| CVE-2015-5001 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
| IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote authenticated users to cause a denial of service (memory consumption) via a crafted document. | ||||
| CVE-2015-4997 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
| IBM WebSphere Portal 8.5.0 before CF08 allows remote attackers to bypass intended access restrictions via a crafted request. | ||||
| CVE-2015-4994 | 1 Ibm | 1 Domino | 2025-04-12 | N/A |
| Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash) via a crafted GIF image, aka SPRs KLYH9ZDKRE and KLYH9ZTLEZ, a different vulnerability than CVE-2015-5040. | ||||
| CVE-2015-4990 | 1 Ibm | 1 Tealeaf Customer Experience | 2025-04-12 | N/A |
| The portal in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows local users to discover credentials by leveraging privileges during an unspecified connection type. | ||||
| CVE-2015-4989 | 1 Ibm | 1 Tealeaf Customer Experience | 2025-04-12 | N/A |
| The portal in IBM Tealeaf Customer Experience before 8.7.1.8814, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows remote attackers to read arbitrary charts by specifying an internal chart name. | ||||
| CVE-2015-4981 | 1 Ibm | 2 General Parallel File System, Spectrum Scale | 2025-04-12 | N/A |
| IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory via unspecified vectors. | ||||
| CVE-2015-4980 | 1 Ibm | 1 Websphere Commerce | 2025-04-12 | N/A |
| Unspecified vulnerability in IBM WebSphere Commerce 7.0.0.6 through 7.0.0.9 allows remote authenticated users to obtain sensitive personal information via unknown vectors. | ||||
| CVE-2015-4974 | 1 Ibm | 2 General Parallel File System, Spectrum Scale | 2025-04-12 | N/A |
| IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors. | ||||
| CVE-2015-4967 | 1 Ibm | 13 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 10 more | 2025-04-12 | N/A |
| SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX004, and 7.6.0 before 7.6.0.1 IFIX002; Maximo Asset Management 7.5.x before 7.5.0.8 IFIX004 and 7.6.0 before 7.6.0.1 IFIX002 for SmartCloud Control Desk; and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2015-4964 | 1 Ibm | 1 Urbancode Deploy | 2025-04-12 | N/A |
| IBM UrbanCode Deploy 6.0 and 6.0.1.x before 6.0.1.10, 6.1.1.x before 6.1.1.8, and 6.1.2 writes admin AUTH_TOKEN values to execution logs, which allows remote authenticated users to gain privileges by leveraging the ability to create and execute a process. | ||||
| CVE-2015-4959 | 1 Ibm | 1 Tivoli Federated Identity Manager | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before FP16 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2015-4958 | 1 Ibm | 1 Infosphere Master Data Management | 2025-04-12 | N/A |
| IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, 11.3 before 11.3.0.0 IF7, and 11.4 before 11.4.0.4 IF1 does not properly restrict browser caching, which allows local users to obtain sensitive information by reading cache files. | ||||
| CVE-2015-4956 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2025-04-12 | N/A |
| The Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated users to execute unspecified OS commands via unknown vectors. | ||||
| CVE-2016-2999 | 1 Ibm | 1 Connections | 2025-04-12 | N/A |
| IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to obtain sensitive information via an unspecified brute-force attack. | ||||
| CVE-2014-4807 | 1 Ibm | 1 Sterling Selling And Fulfillment Foundation | 2025-04-12 | N/A |
| Sterling Order Management in IBM Sterling Selling and Fulfillment Suite 9.3.0 before FP8 allows remote authenticated users to cause a denial of service (CPU consumption) via a '\0' character. | ||||
| CVE-2015-4950 | 1 Ibm | 3 Tivoli Storage Fastback For Microsoft Exchange, Tivoli Storage Flashcopy Manager For Microsoft Exchange Server, Tivoli Storage Manager For Mail Data Protection For Microsoft Exchange Server | 2025-04-12 | N/A |
| The mailbox-restore feature in IBM Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 6.1 before 6.1.3.6, 6.3 before 6.3.1.3, 6.4 before 6.4.1.4, and 7.1 before 7.1.0.2; Tivoli Storage FlashCopy Manager: FlashCopy Manager for Microsoft Exchange Server 2.1, 2.2, 3.1 before 3.1.1.5, 3.2 before 3.2.1.7, and 4.1 before 4.1.1; and Tivoli Storage Manager FastBack for Microsoft Exchange 6.1 before 6.1.5.4 does not ensure that the correct mailbox is selected, which allows remote authenticated users to obtain sensitive information via a duplicate alias name. | ||||
| CVE-2015-4948 | 1 Ibm | 2 Aix, Vios | 2025-04-12 | N/A |
| netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors. | ||||