Filtered by vendor Ibm
Subscriptions
Total
7885 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-6316 | 1 Ibm | 1 Websphere Portal | 2025-04-11 | N/A |
| IBM WebSphere Portal 7.0.0.x before 7.0.0.2 CF26 and 8.0.0.x before 8.0.0.1 CF09 does not properly handle content-selection changes during Taxonomy component rendering, which allows remote attackers to obtain sensitive property information in opportunistic circumstances by leveraging an error in a Web Content Manager (WCM) context processor. | ||||
| CVE-2013-6735 | 1 Ibm | 1 Websphere Portal | 2025-04-11 | N/A |
| IBM WebSphere Portal 6.0.0.x through 6.0.0.1, 6.0.1.x through 6.0.1.7, 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF26, and 8.0.0.x through 8.0.0.1 CF08 allows remote attackers to obtain sensitive Java Content Repository (JCR) information via a modified Web Content Manager (WCM) URL. | ||||
| CVE-2013-6734 | 1 Ibm | 1 Websphere Extreme Scale Client | 2025-04-11 | N/A |
| IBM WebSphere eXtreme Scale Client 7.1 through 8.6.0.4 does not properly isolate the cached data of different users, which allows remote authenticated users to obtain sensitive information in opportunistic circumstances by leveraging access to the same web container. | ||||
| CVE-2011-1505 | 1 Ibm | 2 Lotus Domino, Lotus Quickr | 2025-04-11 | N/A |
| Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 services for Lotus Domino has unknown impact and attack vectors, aka SPR ESEO8DQME2. | ||||
| CVE-2013-6733 | 1 Ibm | 1 Sametime | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Web Application in the Classic Meeting Server in IBM Sametime 7.5.1.2 through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-6725 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server 7.x before 7.0.0.31, 8.0.x before 8.0.0.8, and 8.5.x before 8.5.5.2 allows remote authenticated administrators to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2013-6724 | 1 Ibm | 1 Spss Samplepower | 2025-04-11 | N/A |
| Unspecified vulnerability in the vsflex8l ActiveX control in IBM SPSS SamplePower 3.0.1 before FP1 IF1 allows remote attackers to execute arbitrary code via a crafted ComboList property value. | ||||
| CVE-2013-6723 | 1 Ibm | 1 Websphere Portal | 2025-04-11 | N/A |
| IBM WebSphere Portal 8.0.0.1 before CF09 does not properly handle references in compute="always" Web Content Manager (WCM) navigator components, which allows remote attackers to obtain sensitive component information via unspecified vectors. | ||||
| CVE-2013-6722 | 1 Ibm | 1 Websphere Portal | 2025-04-11 | N/A |
| Unrestricted file upload vulnerability in the Registration/Edit My Profile portlet in IBM WebSphere Portal 7.x before 7.0.0.2 CF27 and 8.x through 8.0.0.1 CF09 allows remote attackers to cause a denial of service or modify data via unspecified vectors. | ||||
| CVE-2013-6721 | 1 Ibm | 1 Websphere Service Registry And Repository | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x before 7.5.0.4 and 8.x through 8.0.0.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving widgets. | ||||
| CVE-2013-6307 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-6717 | 1 Ibm | 3 Db2, Db2 Connect, Db2 Purescale Feature 9.8 | 2025-04-11 | N/A |
| The OLAP query engine in IBM DB2 and DB2 Connect 9.7 through FP9, 9.8 through FP5, 10.1 through FP3, and 10.5 through FP2, and the DB2 pureScale Feature 9.8 for Enterprise Server Edition, allows remote authenticated users to cause a denial of service (database outage and deactivation) via unspecified vectors. | ||||
| CVE-2013-6332 | 1 Ibm | 1 Algo One | 2025-04-11 | N/A |
| Unrestricted file upload vulnerability in IBM Algo One UDS 4.7.0 through 5.0.0 allows remote authenticated users to execute arbitrary code by uploading a .jsp file and then launching it. | ||||
| CVE-2009-2752 | 1 Ibm | 1 Websphere Commerce | 2025-04-11 | N/A |
| IBM WebSphere Commerce 7.0 does not properly encrypt data in a database, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms. | ||||
| CVE-2013-6330 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| IBM WebSphere Application Server 7.x before 7.0.0.31, when simpleFileServlet static file caching is enabled, allows remote authenticated users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2013-6325 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| IBM WebSphere Application Server 7.x before 7.0.0.31, 8.0.x before 8.0.0.8, and 8.5.x before 8.5.5.2 allows remote attackers to cause a denial of service (resource consumption) via a crafted request to a web services endpoint. | ||||
| CVE-2009-2751 | 1 Ibm | 1 Websphere Commerce | 2025-04-11 | N/A |
| IBM WebSphere Commerce 7.0 uses the same cryptographic key for session attributes and merchant data encryption, which has unspecified impact and remote attack vectors. | ||||
| CVE-2013-6322 | 1 Ibm | 1 Sterling Selling And Fulfillment Foundation | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Sterling Order Management in IBM Sterling Selling and Fulfillment Suite 8.0 before HF128 and 8.5 before HF93 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-2750 | 1 Ibm | 1 Websphere Service Registry And Repository | 2025-04-11 | N/A |
| IBM WebSphere Service Registry and Repository (WSRR) 6.3.0 before FP2 does not have the intended configuration properties, which allows remote authenticated users to obtain unspecified data access via a property query. | ||||
| CVE-2013-6312 | 1 Ibm | 2 Rational Performance Tester, Rational Service Tester | 2025-04-11 | N/A |
| Unspecified vulnerability in IBM Rational Service Tester 8.3.x and 8.5.x before 8.5.1 and Rational Performance Tester 8.3.x and 8.5.x before 8.5.1 allows remote attackers to read arbitrary files via unknown vectors. | ||||