| CVE-2011-1820 |
low |
— |
1.7 |
|
|
ibm |
15y ago |
IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, 6.0 before 6.0.0.67 (aka 6.0.0.8-TIV-ITDS-IF0009), 6.1 before 6.1.0.40 (aka 6.1.0.5-TIV-ITDS-IF0003), 6.2 before 6.2.0.16 (aka 6.… |
| CVE-2009-5062 |
low |
— |
3.5 |
|
|
ibm |
15y ago |
IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX allows remote authenticated users to cause a denial of service (daemon crash) by subscribing to an Atom feed, aka SPR JRIE7VKMP9. |
| CVE-2009-5061 |
low |
— |
2.1 |
|
|
ibm |
15y ago |
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 services for Lotus Domino, when Domino Native Authentication is enabled, might allow remote authenticated users to cause a denial of … |
| CVE-2009-5060 |
low |
— |
3.5 |
|
|
ibm |
15y ago |
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by accessing an entry in… |
| CVE-2009-5059 |
low |
— |
3.5 |
|
|
ibm |
15y ago |
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.10 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by checking out a docume… |
| CVE-2009-5058 |
low |
— |
3.5 |
|
|
ibm |
15y ago |
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by deleting an item that is ac… |
| CVE-2008-7286 |
low |
— |
3.5 |
|
|
ibm |
15y ago |
IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that request images, which allows remote authenticated users to cause a denial of service (daemon crash) vi… |
| CVE-2008-7284 |
low |
— |
3.5 |
|
|
ibm |
15y ago |
IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by clicking a download link, aka SPR QCAO7E6AM8. |
| CVE-2011-1310 |
low |
— |
1.9 |
|
|
ibm |
16y ago |
The Administrative Scripting Tools component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15, when tracing is enabled, places wsadmin command parameters into… |
| CVE-2011-1307 |
low |
— |
2.1 |
|
|
ibm |
16y ago |
The installer in IBM WebSphere Application Server (WAS) before 7.0.0.15 uses 777 permissions for a temporary log directory, which allows local users to have unintended access to log files via standar… |
| CVE-2011-1029 |
low |
— |
3.5 |
|
|
ibm |
16y ago |
Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert (RTC) 2.0.0.x allows remote authenticated users to inject arbitrary web script or HTML via the name of a shared report. |
| CVE-2010-4548 |
low |
— |
2.1 |
|
|
ibm |
16y ago |
IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (daemon crash) by accepting a meeting invitation with an iNotes client and then accepting this m… |
| CVE-2010-4547 |
low |
— |
3.5 |
|
|
ibm |
16y ago |
IBM Lotus Notes Traveler before 8.5.1.3, when a multidomain environment is used, does not properly apply policy documents to mobile users from a different Domino domain than the Traveler server, whic… |
| CVE-2010-3737 |
low |
— |
3.5 |
|
|
ibm |
16y ago |
Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (heap memory consumption) by executing a (1) user-d… |
| CVE-2010-3735 |
low |
— |
2.1 |
|
|
ibm |
16y ago |
The "Query Compiler, Rewrite, Optimizer" component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted query involving certai… |
| CVE-2010-3732 |
low |
— |
3.5 |
|
|
ibm |
16y ago |
The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (database server ABEND) by using the client CLI on Linux, UNIX, or Windows fo… |
| CVE-2009-4998 |
low |
— |
2.6 |
|
|
ibm |
16y ago |
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-019 and 4.0.2.x before 4.0.2.7-P8AE-FP007, in certain FileTracker configurations, does not apply a secu… |
| CVE-2008-7261 |
low |
— |
2.1 |
|
|
ibm |
16y ago |
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-010 records DEBUG messages containing user credentials in the log4j.xml file, which might allow local u… |
| CVE-2010-0155 |
low |
— |
3.5 |
|
|
ibm |
16y ago |
CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticat… |
| CVE-2010-3196 |
low |
— |
3.5 |
|
|
ibm |
16y ago |
IBM DB2 9.7 before FP2, when AUTO_REVAL is IMMEDIATE, allows remote authenticated users to cause a denial of service (loss of privileges) to a view owner by defining a dependent view. |
| CVE-2010-0777 |
low |
— |
2.6 |
|
|
ibm |
16y ago |
The Web Container in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 does not properly handle long filenames and consequently sends an incorre… |
| CVE-2010-1651 |
low |
— |
1.9 |
|
|
ibm |
16y ago |
IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.31 and 7.0.x before 7.0.0.11, when Basic authentication and SIP tracing (aka full trace logging for SIP) are enabled, logs the entirety of al… |
| CVE-2010-1650 |
low |
— |
1.9 |
|
|
ibm |
16y ago |
IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.41, 6.1.x before 6.1.0.31, and 7.0.x before 7.0.0.11, when the -trace option (aka debugging mode) is enabled, executes debugging statements t… |
| CVE-2010-1487 |
low |
— |
2.1 |
|
|
ibm |
16y ago |
IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG. |
| CVE-2010-0769 |
low |
— |
1.9 |
|
|
ibm |
16y ago |
IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 does not properly define wsadmin scripting J2CConnectionFactory objects, which allows local use… |
| CVE-2009-2752 |
low |
— |
1.5 |
|
|
ibm |
17y ago |
IBM WebSphere Commerce 7.0 does not properly encrypt data in a database, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms. |
