Vulmon
Recent Vulnerabilities
Discussions
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
ibm vulnerabilities and exploits
4.3
CVSSv2
CVE-2011-1030
Cross-site scripting (XSS) vulnerability in the Wikis component in IBM Lotus Connections 3.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "Confirm New Page scene."...
Ibm
Lotus Connections
2.1
CVSSv2
CVE-2016-8916
IBM Tivoli Storage Manager 5.5, 6.1-6.4, and 7.1 stores password information in a log file that could be read by a local user when a set password command is issued. IBM X-Force ID: 118472....
Ibm
Tivoli Storage Manager
3.3
CVSSv2
CVE-2013-5397
Unspecified vulnerability in the Webservice Axis Gateway in IBM Rational Focal Point 6.4 before devfix1, 6.4.1.3 before devfix1, 6.5.1 before devfix1, 6.5.2 before devfix4, 6.5.2.3 before devfix9, 6.6 before devfix5, 6.6.0.1 before devfix2, and 6.6.1 allows remote attackers to...
Ibm
Rational Focal Point
2.1
CVSSv2
CVE-2009-0503
IBM WebSphere Message Broker 6.1.x before 6.1.0.2 writes a database connection password to the Event Log and System Log during exception handling for a JDBC error, which allows local users to obtain sensitive information by reading these logs....
Ibm
Websphere Message Broker
1.5
CVSSv2
CVE-2011-1373
Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the Self Tuning Memory Manager (STMM) feature and the AUTOMATIC DATABASE_MEMORY setting are configured, allows local users to cause a denial of service (daemon crash) via unknown vectors....
Ibm
Db2
3.5
CVSSv2
CVE-2018-1900
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...
Ibm
Curam Social Program Management
7.8
CVSSv2
CVE-2016-9692
IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP...
Ibm
Websphere Cast Iron Solution
4
CVSSv2
CVE-2016-0308
IBM Connections 5.5 and earlier is vulnerable to possible link manipulation attack that could result in the display of inappropriate background images....
Ibm
Connections
7.1
CVSSv2
CVE-2012-2197
Stack-based buffer overflow in the Java Stored Procedure infrastructure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote authenticated users to execute arbitrary code by leveraging certain CONNECT and EXECUTE privileges....
Ibm
Db2
4.3
CVSSv2
CVE-2018-1416
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....
Ibm
Websphere Portal
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2019-16024
CVE-2019-19781
CVE-2020-0609
CVE-2019-5146
validation
CSRF
XPath injection
CVE-2019-20423
CVE-2019-20430
1
2
3
4
5
NEXT »
Vulmon