Filtered by vendor Ibm
Total: 7344 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2005-2428 | 1 Ibm | 1 Lotus Domino | 2024-11-20 | N/A |
Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote attackers to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTPPassword field, (2) the password change date in the HTTPPasswordChangeDate field, (3) the client platform in the ClntPltfrm field, (4) the client machine name in the ClntMachine field, and (5) the client Lotus Domino release in the ClntBld field, a different vulnerability than CVE-2005-2696. | ||||
CVE-2005-2238 | 1 Ibm | 1 Aix | 2024-11-20 | N/A |
ftpd in IBM AIX 5.1, 5.2 and 5.3 allows remote authenticated users to cause a denial of service (port exhaustion and memory consumption) by using all ephemeral ports. | ||||
CVE-2005-2237 | 1 Ibm | 1 Aix | 2024-11-20 | N/A |
Format string vulnerability in the swcons command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via long command line arguments. | ||||
CVE-2005-2236 | 1 Ibm | 1 Aix | 2024-11-20 | N/A |
Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments. | ||||
CVE-2005-2235 | 1 Ibm | 1 Aix | 2024-11-20 | N/A |
Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments. | ||||
CVE-2005-2234 | 1 Ibm | 1 Aix | 2024-11-20 | N/A |
Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments. | ||||
CVE-2005-2233 | 1 Ibm | 1 Aix | 2024-11-20 | N/A |
Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to (1) penable or other hard-linked files including (2) pdisable, (3) pstart, (4) phold, (5) pdelay, or (6) pshare. | ||||
CVE-2005-2232 | 1 Ibm | 1 Aix | 2024-11-20 | N/A |
Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow local users to execute arbitrary code via a long command line argument. | ||||
CVE-2005-2175 | 1 Ibm | 1 Lotus Notes | 2024-11-20 | N/A |
The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies. | ||||
CVE-2005-2170 | 1 Ibm | 1 Tivoli Management Framework | 2024-11-20 | N/A |
The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint allows remote attackers to cause a denial of service (process exit and connection loss) by connecting to LCF and ending the connection without sending any data. | ||||
CVE-2005-2091 | 1 Ibm | 1 Websphere Application Server | 2024-11-20 | N/A |
IBM WebSphere 5.1 and WebSphere 5.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes WebSphere to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling." | ||||
CVE-2005-2073 | 1 Ibm | 1 Db2 | 2024-11-20 | N/A |
Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through 8.2.2 allows local users with SELECT privileges to conduct unauthorized activities and insert, update or delete table contents. | ||||
CVE-2005-1872 | 1 Ibm | 1 Websphere Application Server | 2024-11-20 | N/A |
Buffer overflow in the administrative console in IBM WebSphere Application Server 5.x, when the global security option is enabled, allows remote attackers to execute arbitrary code. | ||||
CVE-2005-1442 | 1 Ibm | 1 Lotus Notes | 2024-11-20 | N/A |
Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 and 6.0 before 6.0.5 allows local users to cause a denial of service (client crash) and possibly execute arbitrary code via the NOTES.INI file. | ||||
CVE-2005-1441 | 1 Ibm | 1 Lotus Domino | 2024-11-20 | N/A |
Format string vulnerability in Lotus Domino 6.0.x before 6.0.5 and 6.5.x before 6.5.4 allows remote attackers to cause a denial of service via the Notes protocol (NRPC). | ||||
CVE-2005-1405 | 1 Ibm | 1 Lotus Notes | 2024-11-20 | N/A |
HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications. | ||||
CVE-2005-1238 | 1 Ibm | 1 Iseries As 400 | 2024-11-20 | N/A |
By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows attackers to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request. | ||||
CVE-2005-1182 | 1 Ibm | 1 Os 400 | 2024-11-20 | N/A |
Unknown vulnerability in Incoming Remote Command (iSeries Access for Windows Remote Command service) in IBM OS/400 R510, R520, and R530 allows attackers to cause a denial of service (IRC shutdown) via certain inputs. | ||||
CVE-2005-1176 | 1 Ibm | 1 Aix | 2024-11-20 | N/A |
Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while I/O is still occurring for that file, may write data to a different file, which could leak sensitive information. | ||||
CVE-2005-1133 | 1 Ibm | 1 Iseries As 400 | 2024-11-20 | N/A |
The POP3 server in IBM iSeries AS/400 returns different error messages when the user exists or not, which allows remote attackers to determine valid user IDs on the server. |