Check CVE Id
Check CWE Id
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155894.
(Improper Restriction of Operations within the Bounds of a Memory Buffer)
CVSS Base Score
IBM Maximo Anywhere 7.6.0, 7.6.1, 7.6.2, and 7.6.3 does not have device root detection which could result in an attacker gaining sensitive information about the device. IBM X-Force ID: 160198.
A security vulnerability has been identified in all levels of IBM Spectrum Scale V220.127.116.11 through V18.104.22.168 and IBM Spectrum Scale V22.214.171.124 through V126.96.36.199 that could allow a local attacker to obtain root privilege by injecting parameters into setui...
IBM Maximo Asset Management 188.8.131.52 generates an error message that includes sensitive information that could be used in further attacks against the system. IBM X-Force ID: 164554.
IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0, and 3.0.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 165136.
IBM MQ 184.108.40.206 - 220.127.116.11, 18.104.22.168 - 22.214.171.124, 126.96.36.199 - 188.8.131.52, and 9.1.0 - 9.1.2 AMQP Listeners could allow an unauthorized user to conduct a session fixation attack due to clients not being disconnected as they should. IBM X-Force ID: 159352.
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 163177.
IBM Security Guardium 9.0, 9.5, and 10.6 are vulnerable to a privilege escalation which could allow an authenticated user to change the accessmgr password. IBM X-Force ID: 162768.
Back to Top