Filtered by vendor Ibm
Subscriptions
Total
7995 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-5395 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | N/A |
| IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote attackers to bypass intended access restrictions via unspecified vectors. | ||||
| CVE-2013-5394 | 1 Ibm | 1 Websphere Extreme Scale | 2025-04-11 | N/A |
| The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to conduct phishing attacks via unspecified vectors. | ||||
| CVE-2013-5393 | 1 Ibm | 1 Websphere Extreme Scale | 2025-04-11 | N/A |
| The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors. | ||||
| CVE-2013-5390 | 1 Ibm | 1 Websphere Extreme Scale | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-6727 | 1 Ibm | 1 Sametime | 2025-04-11 | N/A |
| The Connect client in IBM Sametime 8.5.2 through 8.5.2.1 and 9.0 before HF1 does not properly restrict unsigned Java plugins, which allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2013-5389 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK2X. | ||||
| CVE-2013-5388 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK5F. | ||||
| CVE-2013-6725 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server 7.x before 7.0.0.31, 8.0.x before 8.0.0.8, and 8.5.x before 8.5.5.2 allows remote authenticated administrators to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2013-5387 | 1 Ibm | 1 Platform Symphony | 2025-04-11 | N/A |
| Buffer overflow in IBM Platform Symphony 5.2, 6.1, and 6.1.1 allows remote attackers to cause a denial of service (process crash or hang) via a malformed SOAP request with a large amount of request data. | ||||
| CVE-2013-5383 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | N/A |
| IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to gain privileges via unspecified vectors, a different vulnerability than CVE-2013-5382. | ||||
| CVE-2013-5382 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | N/A |
| IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to gain privileges via unspecified vectors, a different vulnerability than CVE-2013-5383. | ||||
| CVE-2013-5381 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | N/A |
| IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.3 allows remote authenticated users to gain privileges via unspecified vectors. | ||||
| CVE-2013-6718 | 1 Ibm | 1 Advanced Management Module Firmware | 2025-04-11 | N/A |
| The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to discover account names and passwords via use of an unspecified interface. | ||||
| CVE-2013-5380 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | N/A |
| IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows local users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2013-5378 | 1 Ibm | 1 Websphere Portal | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.x before 8.0.0.1 CF8 allows remote authenticated users to inject arbitrary web script or HTML by leveraging incorrect IBM Connections integration. | ||||
| CVE-2013-5376 | 1 Ibm | 2 Storwize V7000 Unified, Storwize V7000 Unified Software | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, related to a "cross frame scripting" attack against an administrative user. | ||||
| CVE-2013-5371 | 1 Ibm | 1 Tivoli Storage Manager | 2025-04-11 | N/A |
| The client in IBM Tivoli Storage Manager (TSM) 6.3.1 and 6.4.0 on Windows does not preserve permissions of Resilient File System (ReFS) files across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations. | ||||
| CVE-2013-5370 | 1 Ibm | 1 Spss Collaboration And Deployment Services | 2025-04-11 | N/A |
| Unspecified vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 and 5.0 through FP2 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-4042. | ||||
| CVE-2013-5372 | 2 Ibm, Redhat | 3 Websphere Message Broker, Network Satellite, Rhel Extras | 2025-04-11 | N/A |
| The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.7, and 8.0 before 8.0.0.4 and IBM Integration Bus 9.0 before 9.0.0.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document that triggers expansion for many entities. | ||||
| CVE-2009-2753 | 1 Ibm | 1 Informix Dynamic Server | 2025-04-11 | N/A |
| Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3, allow remote attackers to execute arbitrary code via a crafted parameter size. | ||||