Filtered by vendor Ibm Subscriptions
Total 7457 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-7034 9 Apple, Hp, Ibm and 6 more 18 Mac Os X, Hp-ux, Tru64 and 15 more 2024-11-21 N/A
SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter.
CVE-2006-6915 1 Ibm 1 Aix 2024-11-21 N/A
ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port exhaustion) via unspecified vectors. NOTE: some details were obtained from third party sources.
CVE-2006-6914 1 Ibm 1 Aix 2024-11-21 N/A
Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote attackers to obtain sensitive information, including passwords, via unspecified vectors.
CVE-2006-6836 1 Ibm 1 Os 400 2024-11-21 N/A
Multiple unspecified vulnerabilities in osp-cert in IBM OS/400 V5R3M0 have unspecified impact and attack vectors, related to ASN.1 parsing.
CVE-2006-6638 1 Ibm 1 Db2 Universal Database 2024-11-21 N/A
IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257.
CVE-2006-6637 1 Ibm 1 Websphere Application Server 2024-11-21 N/A
The Servlet Engine and Web Container in IBM WebSphere Application Server (WAS) before 6.0.2.17, when ibm-web-ext.xmi sets fileServingEnabled to true and servlet caching is enabled, allows remote attackers to obtain JSP source code and other sensitive information via "specific requests."
CVE-2006-6636 1 Ibm 1 Websphere Application Server 2024-11-21 N/A
Unspecified vulnerability in the Utility Classes for IBM WebSphere Application Server (WAS) before 5.1.1.13 and 6.x before 6.0.2.17 has unknown impact and attack vectors.
CVE-2006-6607 1 Ibm 1 Tivoli Identity Manager 2024-11-21 N/A
The Java Key Store (JKS) for WebSphere Application Server (WAS) for IBM Tivoli Identity Manager (ITIM) 4.6 places the JKS password in a -Djavax.net.ssl.trustStorePassword command line argument, which allows local users to obtain the password by listing the process or using other methods.
CVE-2006-6537 1 Ibm 1 Websphere Host On-demand 2024-11-21 N/A
IBM WebSphere Host On-Demand 6.0, 7.0, 8.0, 9.0, and possibly 10, allows remote attackers to bypass authentication via a modified pnl parameter, related to hod/HODAdmin.html and hod/frameset.html.
CVE-2006-6309 1 Ibm 1 Tivoli Storage Manager 2024-11-21 N/A
Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service (crash) via a large index value in unspecified messages, a different issue than CVE-2006-5855.
CVE-2006-6136 1 Ibm 1 Websphere Application Server 2024-11-21 N/A
IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) does not perform EAL4 authentication checks at the proper time during "registering of response operation," which has unknown impact and attack vectors.
CVE-2006-6135 1 Ibm 1 Websphere Application Server 2024-11-21 N/A
Multiple unspecified vulnerabilities in IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) have unknown impact and attack vectors, related to (1) a "Potential security vulnerability" (PK29725) and (2) "Potential security exposure" (PK30831).
CVE-2006-5855 1 Ibm 1 Tivoli Storage Manager 2024-11-21 N/A
Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.
CVE-2006-5835 1 Ibm 1 Lotus Notes 2024-11-21 N/A
The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file.
CVE-2006-5818 1 Ibm 1 Lotus Domino 2024-11-21 N/A
Multiple buffer overflows in tunekrnl in IBM Lotus Domino 6.x before 6.5.5 FP2 and 7.x before 7.0.2 allow local users to gain privileges and execute arbitrary code via unspecified vectors.
CVE-2006-5664 1 Ibm 3 Informix Client Sdk, Informix Dynamic Server, Informix I-connect 2024-11-21 N/A
The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files.
CVE-2006-5663 1 Ibm 3 Informix Client Sdk, Informix Dynamic Server, Informix I-connect 2024-11-21 N/A
IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts.
CVE-2006-5324 1 Ibm 1 Websphere Application Server 2024-11-21 N/A
The Web Services Notification (WSN) security component of IBM WebSphere Application Server before 6.1.0.2 allows attackers to obtain unspecified access without supplying a username and password, aka PK28374.
CVE-2006-5323 1 Ibm 1 Websphere Application Server 2024-11-21 N/A
Unspecified vulnerability in IBM WebSphere Application Server before 6.1.0.2 has unspecified impact and attack vectors, related to a "possible security exposure," aka PK29360.
CVE-2006-5163 1 Ibm 1 Informix Dynamic Server 2024-11-21 N/A
IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and possibly other versions creates /tmp/installserver.txt with insecure permissions, which allows local users to append data to arbitrary files via a symlink attack.