Search Results (8339 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-1998 2 Ibm, Microsoft 2 Db2, Windows 2026-04-23 N/A
The NNSTAT (aka SYSPROC.NNSTAT) procedure in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 on Windows allows remote authenticated users to overwrite arbitrary files via the log file parameter.
CVE-2008-4404 1 Ibm 1 Zseries 2026-04-23 N/A
The IPv6 Neighbor Discovery Protocol (NDP) implementation on IBM zSeries servers does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB), a related issue to CVE-2008-2476.
CVE-2009-3855 1 Ibm 1 Tivoli Storage Manager 2026-04-23 N/A
Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux backup-archive clients, and the (3) OS/400 API client, in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.6, 5.4 before 5.4.2, and 5.5 before 5.5.1, when the MAILPROG option is enabled, allow attackers to read, modify, or delete arbitrary files via unknown vectors.
CVE-2009-3854 1 Ibm 1 Tivoli Storage Manager 2026-04-23 N/A
Buffer overflow in the traditional client scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7 and 5.4 before 5.4.2 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2009-0306 2 Ibm, Rim 2 Lotus Notes Intellisync, Blackberry Desktop Software 2026-04-23 N/A
Buffer overflow in the IBM Lotus Notes Intellisync ActiveX control in lnresobject.dll in BlackBerry Desktop Manager in Research In Motion (RIM) BlackBerry Desktop Software before 5.0.1 allows remote attackers to execute arbitrary code via a crafted web page. NOTE: some of these details are obtained from third party information.
CVE-2007-0068 1 Ibm 1 Lotus Domino 2026-04-23 N/A
IBM Lotus Domino 7.0.x before 7.0.3 does not revalidate the signature on a signed scheduled agent after the agent is modified, which allows remote authenticated users to gain privileges via a modified agent in a server database.
CVE-2007-5090 2 Ibm, Microsoft 3 Db2, Rational Clearquest, Sql Server 2026-04-23 N/A
Unspecified vulnerability in IBM Rational ClearQuest (CQ), when a Microsoft SQL Server or an IBM DB2 database is used, allows attackers to corrupt data via unspecified vectors.
CVE-2007-4271 1 Ibm 1 Db2 Universal Database 2026-04-23 N/A
Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. NOTE: this issue might be related to symlink following.
CVE-2007-4797 1 Ibm 1 Aix 2026-04-23 N/A
Multiple buffer overflows in unspecified svprint (System V print) commands in bos.svprint.rte in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors.
CVE-2007-4623 1 Ibm 1 Aix 2026-04-23 N/A
Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a long parameter to the m command.
CVE-2007-4621 1 Ibm 1 Aix 2026-04-23 N/A
Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments.
CVE-2007-4217 1 Ibm 1 Aix 2026-04-23 N/A
Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command.
CVE-2009-1290 1 Ibm 2 Advanced Management Module, Bladecenter 2026-04-23 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration interface in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allow remote attackers to hijack the authentication of administrators, as demonstrated by a power-off request to the private/blade_power_action script.
CVE-2007-4270 1 Ibm 1 Db2 Universal Database 2026-04-23 N/A
Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain root privileges via a symlink attack on certain files.
CVE-2006-5008 1 Ibm 1 Aix 2026-04-23 N/A
Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows attackers to execute arbitrary commands and overwrite arbitrary files via unspecified vectors.
CVE-2006-5163 1 Ibm 1 Informix Dynamic Server 2026-04-23 N/A
IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and possibly other versions creates /tmp/installserver.txt with insecure permissions, which allows local users to append data to arbitrary files via a symlink attack.
CVE-2007-4474 1 Ibm 2 Domino Web Access, Lotus Domino Web Access 2026-04-23 N/A
Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1.
CVE-2007-4513 1 Ibm 1 Aix 2026-04-23 N/A
Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv.
CVE-2007-3537 1 Ibm 1 Os 400 2026-04-23 N/A
IBM OS/400 (aka i5/OS) V4R2M0 through V5R3M0 on iSeries machines sends responses to TCP SYN-FIN packets, which allows remote attackers to obtain system information and possibly bypass firewall rules.
CVE-2007-4003 1 Ibm 1 Aix 2026-04-23 N/A
pioout in IBM AIX 5.3 SP6 allows local users to execute arbitrary code by specifying a malicious library with the -R (ParseRoutine) command line argument.