Search Results (702 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-1694 1 Ibm 1 Integration Bus 2025-04-20 N/A
IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain in clear text which can be read by an attacker using man in the middle techniques. IBM X-Force ID: 134165.
CVE-2017-1508 2 Ibm, Linux 2 Informix Dynamic Server, Linux Kernel 2025-04-20 N/A
IBM Informix Dynamic Server 12.1 could allow a local user logged in with database administrator user to gain root privileges. IBM X-Force ID: 129620.
CVE-2016-9990 1 Ibm 1 Inotes 2025-04-20 N/A
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998824.
CVE-2017-3744 2 Ibm, Lenovo 47 Bladecenter Hs22, Bladecenter Hs23, Bladecenter Hs23e and 44 more 2025-04-20 N/A
In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other utilities may be captured in the First Failure Data Capture (FFDC) service log if the service log is generated when that remote command is running. Captured command data may contain clear text login information. Authorized users that can capture and export FFDC service log data may have access to these remote commands.
CVE-2017-1092 1 Ibm 1 Informix Open Admin Tool 2025-04-20 N/A
IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows servers. IBM X-Force ID: 120390.
CVE-2016-9716 1 Ibm 1 Infosphere Master Data Management Server 2025-04-20 N/A
IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 119729.
CVE-2016-9714 1 Ibm 1 Infosphere Master Data Management Server 2025-04-20 N/A
IBM InfoSphere Master Data Management Server 10.1, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 119727.
CVE-2017-1141 1 Ibm 1 Insights Foundation For Energy 2025-04-20 N/A
IBM Insights Foundation for Energy 1.0, 1.5, and 1.6 could allow an authenticated user to obtain sensitive information from error messages. IBM X-Force ID: 121907.
CVE-2016-8918 1 Ibm 1 Integration Bus 2025-04-20 N/A
IBM Integration Bus, under non default configurations, could allow a remote user to authenticate without providing valid credentials.
CVE-2016-9000 1 Ibm 2 Infosphere Datastage, Infosphere Information Server On Cloud 2025-04-20 N/A
IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct clickjacking or other client-side browser attacks.
CVE-2016-2938 1 Ibm 2 Domino, Inotes 2025-04-20 N/A
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2017-1144 1 Ibm 2 Integration Bus, Websphere Message Broker 2025-04-20 N/A
IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting. IBM X-Force ID: 122033.
CVE-2014-9564 1 Ibm 4 En6131, En6131 Firmware, Ib6131 and 1 more 2025-04-20 N/A
CRLF injection vulnerability in IBM Flex System EN6131 40Gb Ethernet and IB6131 40Gb Infiniband Switch firmware before 3.4.1110 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks and resulting web cache poisoning or cross-site scripting (XSS) attacks, or obtain sensitive information via multiple unspecified parameters.
CVE-2017-1421 1 Ibm 1 Inotes 2025-04-20 N/A
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2017-1214 1 Ibm 1 Inotes 2025-04-20 N/A
IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854.
CVE-2015-0114 1 Ibm 1 I Access For Windows 2025-04-20 N/A
Stack-based buffer overflow in IBM V5R4, and IBM i Access for Windows 6.1 and 7.1.
CVE-2017-1336 1 Ibm 1 Infosphere Biginsights 2025-04-20 N/A
IBM Infosphere BigInsights 4.2.0 could allow an attacker to inject code that could allow access to restricted data and files. IBM X-Force ID: 126244.
CVE-2017-1431 1 Ibm 1 Infosphere Streams 2025-04-20 N/A
IBM InfoSphere Streams 4.0, 4.1, and 4.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127632.
CVE-2017-1467 1 Ibm 2 Infosphere Information Server, Softlayer 2025-04-20 N/A
A network layer security vulnerability in InfoSphere Information Server 9.1, 11.3, and 11.5 can lead to privilege escalation or unauthorized access. IBM X-Force ID: 128466.
CVE-2017-1325 1 Ibm 1 Inotes 2025-04-20 N/A
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125976.