Filtered by vendor Ibm
Subscriptions
Total
7996 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-1029 | 1 Ibm | 1 Rational Team Concert | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert (RTC) 2.0.0.x allows remote authenticated users to inject arbitrary web script or HTML via the name of a shared report. | ||||
| CVE-2011-1030 | 1 Ibm | 1 Lotus Connections | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Wikis component in IBM Lotus Connections 3.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "Confirm New Page scene." | ||||
| CVE-2011-1034 | 1 Ibm | 1 Rational Build Forge | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the UI in IBM Rational Build Forge 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter to the fullcontrol program. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-1046 | 1 Ibm | 3 Filenet P8 Business Process Manager, Filenet P8 Content Engine, Filenet P8 Content Manager | 2025-04-11 | N/A |
| IBM FileNet P8 Content Engine (aka P8CE) 4.0.1 through 5.0.0, as used in FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), does not require the PRIVILEGED_WRITE access role for all intended Object Store modifications, which allows remote attackers to change a privileged property of an object via unspecified vectors. | ||||
| CVE-2011-1205 | 1 Ibm | 3 Rational Clearcase, Rational Clearquest, Rational Common Licensing | 2025-04-11 | N/A |
| Multiple buffer overflows in unspecified COM objects in Rational Common Licensing 7.0 through 7.1.1.4 in IBM Rational ClearCase 7.0.0.4 through 7.1.1.4, ClearQuest 7.0.0.4 through 7.1.1.4, and other products allow local users to gain privileges via a Trojan horse HTML document in the My Computer zone. | ||||
| CVE-2011-1220 | 1 Ibm | 1 Tivoli Management Framework | 2025-04-11 | N/A |
| Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field. | ||||
| CVE-2011-1209 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.17 uses a weak WS-Security XML encryption algorithm, which makes it easier for remote attackers to obtain plaintext data from a (1) JAX-RPC or (2) JAX-WS Web Services request via unspecified vectors related to a "decryption attack." | ||||
| CVE-2011-1217 | 1 Ibm | 1 Lotus Notes | 2025-04-11 | N/A |
| Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .prz attachment. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-1222 | 2 Ibm, Microsoft | 3 Aix, Tivoli Storage Manager, Windows | 2025-04-11 | N/A |
| Buffer overflow in the Journal Based Backup (JBB) feature in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows and AIX allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2011-1309 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| The Plug-in component in IBM WebSphere Application Server (WAS) before 7.0.0.15 does not properly handle trace requests, which has unspecified impact and attack vectors. | ||||
| CVE-2011-1310 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| The Administrative Scripting Tools component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15, when tracing is enabled, places wsadmin command parameters into the (1) wsadmin.traceout and (2) trace.log files, which allows local users to obtain potentially sensitive information by reading these files. | ||||
| CVE-2011-1319 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| The Security component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15 allows remote authenticated users to cause a denial of service (memory consumption) by using a Lightweight Third-Party Authentication (LTPA) token for authentication. | ||||
| CVE-2011-1308 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Installation Verification Test (IVT) application in the Install component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-1312 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.31 and 7.x before 7.0.0.15 does not prevent modifications of the primary admin id, which allows remote authenticated administrators to bypass intended access restrictions by mapping a (1) user or (2) group to an administrator role. | ||||
| CVE-2011-1314 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| The Service Integration Bus (SIB) messaging engine in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (daemon hang) by performing close operations via network connections to a queue manager. | ||||
| CVE-2011-1315 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| Memory leak in the messaging engine in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) via network connections associated with a NULL return value from a synchronous JMS receive call. | ||||
| CVE-2011-1316 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| The Session Initiation Protocol (SIP) Proxy in the HTTP Transport component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (worker thread exhaustion and UDP messaging outage) by sending many UDP messages. | ||||
| CVE-2011-1318 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| Memory leak in org.apache.jasper.runtime.JspWriterImpl.response in the JavaServer Pages (JSP) component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) by accessing a JSP page of an application that is repeatedly stopped and restarted. | ||||
| CVE-2011-1321 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| The AuthCache purge implementation in the Security component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.37 and 7.x before 7.0.0.15 does not purge a user from the PlatformCredential cache, which might allow remote authenticated users to gain privileges by leveraging a group membership specified in an old RACF Object (aka RACO). | ||||
| CVE-2011-1322 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| The SOAP with Attachments API for Java (SAAJ) implementation in the Web Services component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.37 and 7.x before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) via encrypted SOAP messages. | ||||