Filtered by vendor Ibm
Subscriptions
Total
7875 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-0308 | 1 Ibm | 1 Connections | 2025-04-20 | N/A |
| IBM Connections 5.5 and earlier is vulnerable to possible link manipulation attack that could result in the display of inappropriate background images. | ||||
| CVE-2016-0310 | 1 Ibm | 1 Connections | 2025-04-20 | N/A |
| IBM Connections 5.5 and earlier is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain. | ||||
| CVE-2016-0297 | 1 Ibm | 1 Bigfix Platform | 2025-04-20 | N/A |
| IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) could allow a remote attacker to obtain sensitive information due to a missing HTTP Strict-Transport-Security Header through man in the middle techniques. | ||||
| CVE-2016-0354 | 1 Ibm | 1 Sametime | 2025-04-20 | N/A |
| IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user to upload a malicious file to a Sametime meeting room, that could be downloaded by unsuspecting users which could be executed with user privileges. IBM X-Force ID: 111893. | ||||
| CVE-2017-1481 | 1 Ibm | 1 Sterling B2b Integrator | 2025-04-20 | N/A |
| IBM Sterling B2B Integrator Standard Edition 5.2 allows a user to view sensitive information that belongs to another user. IBM X-Force ID: 128619. | ||||
| CVE-2016-0254 | 1 Ibm | 1 Cognos Business Intelligence | 2025-04-20 | N/A |
| IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote authenticated attacker could exploit this vulnerability to consume all available CPU resources and cause a denial of service. IBM X-Force ID: 110563. | ||||
| CVE-2017-1477 | 1 Ibm | 1 Security Access Manager 9.0 Firmware | 2025-04-20 | N/A |
| IBM Security Access Manager Appliance 9.0.3 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 128612. | ||||
| CVE-2016-9692 | 1 Ibm | 1 Websphere Cast Iron Solution | 2025-04-20 | N/A |
| IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domain names. By submitting suitable payloads, an attacker can cause the application server to attack other systems that it can interact with. IBM X-Force ID: 119516. | ||||
| CVE-2016-0355 | 1 Ibm | 1 Sametime | 2025-04-20 | N/A |
| IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-site request forgery. IBM X-Force ID: 111894. | ||||
| CVE-2016-0218 | 1 Ibm | 1 Cognos Business Intelligence | 2025-04-20 | N/A |
| IBM Cognos Business Intelligence and IBM Cognos Analytics are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. | ||||
| CVE-2016-0206 | 1 Ibm | 1 Cloud Orchestrator | 2025-04-20 | N/A |
| IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow down for a short period of time by using a specially crafted and malformed URL. | ||||
| CVE-2016-0202 | 1 Ibm | 1 Cloud Orchestrator | 2025-04-20 | N/A |
| A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view any task of the current users domain. | ||||
| CVE-2017-1635 | 1 Ibm | 1 Tivoli Monitoring | 2025-04-20 | N/A |
| IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 133243. | ||||
| CVE-2015-7493 | 1 Ibm | 1 Infosphere Information Server | 2025-04-20 | N/A |
| IBM InfoSphere Information Server could allow a local user under special circumstances to execute commands during installation processes that could expose sensitive information. | ||||
| CVE-2016-8951 | 1 Ibm | 1 Emptoris Strategic Supply Management | 2025-04-20 | N/A |
| IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to a denial of service attack. An attacker can exploit a vulnerability in the authentication features that could log out users and flood user accounts with emails. IBM X-Force ID: 118838. | ||||
| CVE-2017-1628 | 1 Ibm | 1 Business Process Manager | 2025-04-20 | N/A |
| IBM Business Process Manager 8.6.0.0 allows authenticated users to stop and resume the Event Manager by calling a REST API with incorrect authorization checks. | ||||
| CVE-2016-6028 | 1 Ibm | 1 Rational Collaborative Lifecycle Management | 2025-04-20 | N/A |
| IBM Jazz technology based products might allow an attacker to view work item titles that they do not have privilege to view. | ||||
| CVE-2017-1613 | 1 Ibm | 1 Connections | 2025-04-20 | N/A |
| IBM Connections 6.0 could allow an unauthenticated remote attacker to gain unauthenticated or unauthorized access to non-sensitive Engagement Center template data. IBM X-Force ID: 132954. | ||||
| CVE-2017-1271 | 1 Ibm | 1 Security Guardium | 2025-04-20 | N/A |
| IBM Security Guardium 9.0, 9.1, and 9.5 supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. IBM X-Force ID: 124746. | ||||
| CVE-2017-1596 | 1 Ibm | 1 Security Guardium | 2025-04-20 | N/A |
| IBM Security Guardium 10.0 Database Activity Monitor could allow a local attacker to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132550. | ||||