Search Results (8373 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1620 1 Ibm 1 Aix Parallel Systems Support Programs 2026-04-16 N/A
Unknown vulnerability in IBM AIX Parallel Systems Support Programs (PSSP) 3.1.1, 3.2, and 3.4 allows remote attackers to read arbitrary files from a file collection.
CVE-2002-1621 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and 5.1 allows remote attackers to execute arbitrary code.
CVE-2004-2558 1 Ibm 6 Tivoli Access Manager For E-business, Tivoli Access Manager Identity Manager Solution, Tivoli Configuration Manager and 3 more 2026-04-16 N/A
Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack."
CVE-2004-2369 1 Ibm 1 Lotus Domino 2026-04-16 N/A
Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. (dot dot) in the directory creation command.
CVE-2005-4864 1 Ibm 1 Db2 Universal Database 2026-04-16 N/A
Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable.
CVE-2005-4865 1 Ibm 1 Db2 Universal Database 2026-04-16 N/A
Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname.
CVE-2005-2236 1 Ibm 1 Aix 2026-04-16 N/A
Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments.
CVE-2001-1330 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long command line argument.
CVE-2005-1112 1 Ibm 1 Websphere Application Server 2026-04-16 N/A
IBM WebSphere Application Server 6.0 and earlier, when sharing the document root of the web server, allows remote attackers to obtain the source code for Java Server Pages (.jsp) via an HTTP request with an invalid Host header, which causes the page to be processed by the web server instead of the JSP engine.
CVE-2006-1384 1 Ibm 1 Tivoli Business Systems Manager 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in apwc_win_main.jsp in the web console in IBM Tivoli Business Systems Manager (TBSM) before 3.1.0.1 allows remote attackers to inject arbitrary web script or HTML via the skin parameter.
CVE-2002-1689 1 Ibm 1 Aix 2026-04-16 N/A
Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow.
CVE-1999-0089 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in AIX libDtSvc library can allow local users to gain root access.
CVE-1999-0099 5 Bsdi, Convex, Cray and 2 more 7 Bsd Os, Convexos, Spp-ux and 4 more 2026-04-16 N/A
Buffer overflow in syslog utility allows local or remote attackers to gain root privileges.
CVE-2005-3060 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to execute arbitrary code via unknown vectors.
CVE-2004-2663 1 Ibm 1 Egatherer 2026-04-16 N/A
The (1) SetDebugging and (2) RunEgatherer methods in IBM Access Support eGatherer ActiveX control 2.0.0.16 allow remote attackers to create files with arbitrary content, as demonstrated by creating a .hta file in a Startup folder.
CVE-2005-2091 1 Ibm 1 Websphere Application Server 2026-04-16 N/A
IBM WebSphere 5.1 and WebSphere 5.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes WebSphere to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."
CVE-1999-0101 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.
CVE-2001-0389 1 Ibm 2 Net.commerce, Websphere Application Server 2026-04-16 N/A
IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine the real path of the server by directly calling the macro.d2w macro with a NOEXISTINGHTMLBLOCK argument.
CVE-2001-0487 1 Ibm 1 Aix Snmp 2026-04-16 N/A
AIX SNMP server snmpd allows remote attackers to cause a denial of service via a RST during the TCP connection.
CVE-2006-0663 1 Ibm 1 Lotus Domino Inotes Client 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Lotus Domino iNotes Client 6.5.4 and 7.0 allow remote attackers to inject arbitrary web script or HTML via (1) an email subject; (2) an encoded javascript URI, as demonstrated using "java
script:"; or (3) when the Domino Web Access ActiveX control is not installed, via an email attachment filename.