Filtered by vendor Ibm
Subscriptions
Total
8182 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-3058 | 1 Ibm | 1 Tivoli Storage Manager Fastback | 2025-04-11 | N/A |
| The Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, establishes an open UDP port, which might allow remote attackers to overwrite memory locations and execute arbitrary code, or cause a denial of service (application hang), via unspecified vectors. | ||||
| CVE-2010-3059 | 1 Ibm | 1 Tivoli Storage Manager Fastback | 2025-04-11 | N/A |
| Buffer overflow in the message-protocol implementation in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, allows remote attackers to read and modify data, and possibly have other impact, via an unspecified command. | ||||
| CVE-2010-3060 | 1 Ibm | 1 Tivoli Storage Manager Fastback | 2025-04-11 | N/A |
| Unspecified vulnerability in the message-protocol implementation in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, allows remote attackers to cause a denial of service (daemon outage) via unknown vectors. | ||||
| CVE-2010-3186 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| IBM WebSphere Application Server (WAS) 7.x before 7.0.0.13, and WebSphere Application Server Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, when a JAX-WS application is used, does not properly handle an IncludeTimestamp setting in the WS-Security policy, which has unspecified impact and remote attack vectors. | ||||
| CVE-2010-3193 | 1 Ibm | 1 Db2 | 2025-04-11 | N/A |
| Unspecified vulnerability in the DB2STST program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 has unknown impact and attack vectors. | ||||
| CVE-2010-3194 | 1 Ibm | 1 Db2 | 2025-04-11 | N/A |
| The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows attackers to bypass intended file access restrictions via unspecified vectors related to overwriting files owned by an instance owner. | ||||
| CVE-2010-3195 | 2 Ibm, Microsoft | 2 Db2, Windows Server 2008 | 2025-04-11 | N/A |
| Unspecified vulnerability in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 on Windows Server 2008 allows attackers to cause a denial of service (trap) via vectors involving "special group and user enumeration." | ||||
| CVE-2010-3196 | 1 Ibm | 1 Db2 | 2025-04-11 | N/A |
| IBM DB2 9.7 before FP2, when AUTO_REVAL is IMMEDIATE, allows remote authenticated users to cause a denial of service (loss of privileges) to a view owner by defining a dependent view. | ||||
| CVE-2010-3197 | 1 Ibm | 1 Db2 | 2025-04-11 | N/A |
| IBM DB2 9.7 before FP2 does not perform the expected access control on the monitor administrative views in the SYSIBMADM schema, which allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2010-3317 | 1 Ibm | 1 Filenet Content Manager | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-3318 | 1 Ibm | 1 Filenet Content Manager | 2025-04-11 | N/A |
| IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 transmits passwords in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network. | ||||
| CVE-2010-3319 | 1 Ibm | 1 Filenet Content Manager | 2025-04-11 | N/A |
| IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a session token in the URI, which might allow remote attackers to obtain sensitive information by reading a Referer log file. | ||||
| CVE-2010-3320 | 1 Ibm | 1 Filenet Content Manager | 2025-04-11 | N/A |
| Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2010-3398 | 1 Ibm | 1 Lotus Sametime | 2025-04-11 | N/A |
| Unspecified vulnerability in the webcontainer implementation in IBM Lotus Sametime Connect 8.5.1 before CF1 has unknown impact and attack vectors, aka SPRs LXUU87S57H and LXUU87S93W. | ||||
| CVE-2010-3405 | 1 Ibm | 2 Aix, Vios | 2025-04-11 | N/A |
| Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified vectors. | ||||
| CVE-2010-3406 | 1 Ibm | 1 Aix | 2025-04-11 | N/A |
| Unspecified vulnerability in sa_snap in the bos.esagent fileset in IBM AIX 5.3 allows local users to leverage system group membership and delete files via unknown vectors. | ||||
| CVE-2010-3407 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Stack-based buffer overflow in the MailCheck821Address function in nnotes.dll in the nrouter.exe service in the server in IBM Lotus Domino 8.0.x before 8.0.2 FP5 and 8.5.x before 8.5.1 FP2 allows remote attackers to execute arbitrary code via a long e-mail address in an ORGANIZER:mailto header in an iCalendar calendar-invitation e-mail message, aka SPR NRBY7ZPJ9V. | ||||
| CVE-2010-3470 | 1 Ibm | 1 Filenet P8 Application Engine | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-021 and 4.0.2.x before 4.0.2.7-P8AE-FP007 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-3474 | 1 Ibm | 1 Db2 | 2025-04-11 | N/A |
| IBM DB2 9.7 before FP3 does not perform the expected drops or invalidations of dependent functions upon a loss of privileges by the functions' owners, which allows remote authenticated users to bypass intended access restrictions via calls to these functions, a different vulnerability than CVE-2009-3471. | ||||
| CVE-2010-3475 | 1 Ibm | 1 Db2 | 2025-04-11 | N/A |
| IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in the dynamic SQL cache, which allows remote authenticated users to bypass intended access restrictions by leveraging the cache to execute an UPDATE statement contained in a compiled compound SQL statement. | ||||