Vulnerabilities in IBM Corporation

288 results
CVE-2017-1092 (EPSS 75.8%): IBM Informix Open Admin Tool 11.5, 11.7, and 12.1 could allow an unauthorized user to execute arbitrary code as system admin on Windows serv
CVE-2016-6082 (EPSS 4.7%): IBM BigFix Platform could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free race condition. An att
CVE-2016-6115 (EPSS 4.0%): IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arb
CVE-2017-1289 (EPSS 3.6%): IBM SDK, Java Technology Edition is vulnerable to an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could e
CVE-2016-2908 (EPSS 3.4%): IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error wh
CVE-2016-8919 (EPSS 2.8%): IBM WebSphere Application Server may be vulnerable to a denial of service, caused by allowing serialized objects from untrusted sources to r
CVE-2016-8938 (EPSS 2.8%): IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This co
CVE-2016-0360 (EPSS 2.8%): IBM WebSphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow
CVE-2016-6104 (EPSS 2.7%): IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 could allow a remote attacker to upload arbitrary files, caused by the improper validation of
CVE-2016-6042 (EPSS 2.6%): IBM AppScan Enterprise Edition could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of objects
CVE-2016-6079 (EPSS 2.5%): IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level priv
CVE-2016-3053 (EPSS 2.5%): IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges.
CVE-2016-9727 (EPSS 2.5%): IBM QRadar 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted reque
CVE-2016-8954 (EPSS 2.4%): IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database.
CVE-2017-1151 (EPSS 2.2%): IBM WebSphere Application Server 8.0, 8.5, 8.5.5, and 9.0 using OpenID Connect (OIDC) configured with a Trust Association Interceptor (TAI)
CVE-2016-8921 (EPSS 2.2%): IBM FileNet WorkPlace XT could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code o
CVE-2016-6124 (EPSS 2.2%): IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to upload arbitrary files, which could allow the attacker to ex
CVE-2016-3017 (EPSS 2.2%): IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information due to security misconfigurations.
CVE-2016-6105 (EPSS 2.1%): IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 do not perform an authentication check for a critical resource or functionality allowing anonym
CVE-2016-6111 (EPSS 2.1%): IBM Curam Social Program Management 6.0 and 7.0 are vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) erro