Vulnerabilities > IBM
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-04-30 | CVE-2012-5947 | Buffer Errors vulnerability in IBM Spss Samplepower 3.0.0.0 Buffer overflow in the vsflex7l ActiveX control in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via unspecified vectors. | 9.3 |
2013-04-30 | CVE-2012-5946 | Buffer Errors vulnerability in IBM Spss Samplepower 3.0.0.0 Buffer overflow in the c1sizer ActiveX control in C1sizer.ocx in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via a long TabCaption string. | 9.3 |
2013-04-30 | CVE-2012-5945 | Buffer Errors vulnerability in IBM Spss Samplepower 3.0.0.0 Multiple buffer overflows in the Vsflex8l ActiveX control in IBM SPSS SamplePower 3.0 before FP1 allow remote attackers to execute arbitrary code via a long (1) ComboList or (2) ColComboList property value. | 9.3 |
2013-04-28 | CVE-2013-0553 | Command Execution vulnerability in IBM Sametime Clients The client implementation in IBM Sametime 8.5.1 through 8.5.2.1, as used in Sametime Connect client, Sametime Advanced Connect client, Sametime Advanced Web client, and other products, allows remote authenticated users to send commands to individual chat users, or to all participants in a chat room, via a crafted Sametime Instant Message (IM). network ibm | 3.5 |
2013-04-28 | CVE-2013-0533 | Cross-Site Scripting vulnerability in IBM Lotus Sametime Cross-site scripting (XSS) vulnerability in the Sametime Links server in IBM Sametime 8.0.2 through 8.5.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2013-04-27 | CVE-2013-0593 | Unspecified vulnerability in IBM Spss Samplepower 3.0.0.0 Unspecified vulnerability in the olch2x32 ActiveX control in IBM SPSS SamplePower 3.0 before 3.0-IM-S3SAMPC-WIN32-FP001 allows remote attackers to execute arbitrary code via unknown vectors. | 9.3 |
2013-04-27 | CVE-2013-0572 | Cross-Site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in IBM Document Connect for Application Support Facility (aka DC4ASF) before 1.0.0.1218 in Application Support Facility (ASF) 3.4 for z/OS on Windows, Linux, and AIX allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors. | 2.3 |
2013-04-27 | CVE-2013-0571 | Cross-Site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in IBM Document Connect for Application Support Facility (aka DC4ASF) before 1.0.0.1218 in Application Support Facility (ASF) 3.4 for z/OS on Windows, Linux, and AIX allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 2.9 |
2013-04-27 | CVE-2013-0569 | Cross-Site Scripting vulnerability in IBM Connections 4.5.0.0 Cross-site scripting (XSS) vulnerability in the Communities component in IBM Connections 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-04-24 | CVE-2013-0565 | Cross-Site Scripting vulnerability in IBM Websphere Application Server 8.5.0.0/8.5.0.1 Cross-site scripting (XSS) vulnerability in the RPC adapter for the Web 2.0 and Mobile toolkit in IBM WebSphere Application Server (WAS) 8.5 before 8.5.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted response. | 4.3 |