Search Results (8373 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0261 1 Ibm 1 Aix 2026-04-16 N/A
lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files.
CVE-2006-0662 1 Ibm 1 Lotus Domino Inotes Client 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Lotus Domino iNotes Client 6.5.4 allows remote attackers to inject arbitrary web script or HTML via email with attached html files, which are directly rendered in the browser.
CVE-2006-4137 1 Ibm 1 Websphere Application Server 2026-04-16 N/A
IBM WebSphere Application Server before 6.1.0.1 allows attackers to obtain sensitive information via unspecified vectors related to (1) the log file, (2) "script generated syntax on wsadmin command line," and (3) traces.
CVE-2000-0873 1 Ibm 1 Aix 2026-04-16 N/A
netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities.
CVE-2005-1872 1 Ibm 1 Websphere Application Server 2026-04-16 N/A
Buffer overflow in the administrative console in IBM WebSphere Application Server 5.x, when the global security option is enabled, allows remote attackers to execute arbitrary code.
CVE-2006-1093 1 Ibm 1 Websphere Application Server 2026-04-16 N/A
Unspecified vulnerability in IBM WebSphere 5.0.2.10 through 5.0.2.15 and 5.1.1.4 through 5.1.1.9 allows remote attackers to obtain sensitive information via unknown attack vectors, which causes JSP source code to be revealed.
CVE-2006-3231 1 Ibm 1 Websphere Application Server 2026-04-16 N/A
Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 6.0.2.11, when fileServingEnabled is true, allows remote attackers to obtain JSP source code and other sensitive information via "URIs with special characters."
CVE-2006-0118 1 Ibm 3 Lotus Domino, Lotus Domino Enterprise Server, Lotus Notes 2026-04-16 N/A
Unspecified vulnerability in IBM Lotus Notes and Domino Server before 6.5.5, when running on AIX, allows attackers to cause a denial of service (deep recursion leading to stack overflow and crash) via long formulas.
CVE-2003-1050 1 Ibm 1 Db2 2026-04-16 N/A
Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via long command line arguments to (1) db2start, (2) db2stop, or (3) db2govd.
CVE-2006-0117 1 Ibm 3 Lotus Domino, Lotus Domino Enterprise Server, Lotus Notes 2026-04-16 N/A
Buffer overflow in IBM Lotus Notes and Domino Server before 6.5.5 allows attackers to cause a denial of service (router crash or hang) via unspecified vectors involving "CD to MIME Conversion".
CVE-2005-3749 1 Ibm 1 Aix 2026-04-16 N/A
Unspecified "absolute path vulnerabilities" in the diagela command (diagela.sh) in IBM AIX 5.2 and 5.3 have unknown impact and attack vectors.
CVE-2002-0554 1 Ibm 1 Informix Web Datablade 2026-04-16 N/A
webdriver in IBM Informix Web DataBlade 4.12 allows remote attackers to bypass user access levels or read arbitrary files via a SQL injection attack in an HTTP request.
CVE-2006-3778 1 Ibm 1 Lotus Notes 2026-04-16 N/A
IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to e-mail messages with alternate name users when the (1) "Save As Draft" option is used or (2) a "," (comma) is inside the "phrase" portion of an address, which can cause the e-mail to be sent to users that were deleted from the To, CC, and BCC fields, which allows remote attackers to obtain the list of original recipients.
CVE-1999-0128 5 Digital, Ibm, Linux and 2 more 9 Osf 1, Aix, Sng and 6 more 2026-04-16 N/A
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.
CVE-2003-1361 2 Ibm, Veritas 2 Tivoli Storage Manager, Bare Metal Restore 2026-04-16 N/A
Unknown vulnerability in VERITAS Bare Metal Restore (BMR) of Tivoli Storage Manager (TSM) 3.1.0 through 3.2.1 allows remote attackers to gain root privileges on the BMR Main Server.
CVE-1999-0835 3 Ibm, Sco, Sun 4 Aix, Openserver, Unixware and 1 more 2026-04-16 N/A
Denial of service in BIND named via malformed SIG records.
CVE-2006-2431 1 Ibm 1 Websphere Application Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the 500 Internal Server Error page on the SOAP port (8880/tcp) in IBM WebSphere Application Server 5.0.2 and earlier, 5.1.x before 5.1.1.12, and 6.0.2 up to 6.0.2.7, allows remote attackers to inject arbitrary web script or HTML via the URI, which is contained in a FAULTACTOR element on this page. NOTE: some sources have reported the element as "faultfactor," but this is likely erroneous.
CVE-2000-1110 1 Ibm 1 Net.data 2026-04-16 N/A
document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program.
CVE-2000-1117 1 Ibm 1 Lotus Notes 2026-04-16 N/A
The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method.
CVE-2000-1123 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands.