Vulnerabilities > IBM
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-02-27 | CVE-2012-4842 | Resource Management Errors vulnerability in IBM Lotus Domino Open redirect vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 5.8 |
2013-02-27 | CVE-2012-5767 | Security Bypass vulnerability in IBM Ts3500 Tape Library and Ts3500 Tape Library Firmware Unspecified vulnerability in the web interface on the IBM TS3500 Tape Library with firmware before C260 allows remote authenticated users to gain privileges via unspecified vectors. | 6.5 |
2013-02-22 | CVE-2013-0465 | Security vulnerability in IBM WebSphere Cast Iron Cloud Integration Unspecified vulnerability in the IBM WebSphere Cast Iron physical and virtual appliance 6.0 and 6.1 before 6.1.0.15 and 6.3 before 6.3.0.1, when LDAP authentication is enabled, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. | 5.4 |
2013-02-21 | CVE-2013-0472 | Unauthorized Access vulnerability in IBM Tivoli Storage Manager Client The Web GUI in the client in IBM Tivoli Storage Manager (TSM) 6.3 before 6.3.1.0 and 6.4 before 6.4.0.1 allows man-in-the-middle attackers to obtain unspecified client access, and consequently obtain unspecified server access, via unknown vectors. | 5.1 |
2013-02-21 | CVE-2013-0471 | Denial of Service vulnerability in IBM Tivoli Storage Manager The traditional scheduler in the client in IBM Tivoli Storage Manager (TSM) before 6.2.5.0, 6.3 before 6.3.1.0, and 6.4 before 6.4.0.1, when Prompted mode is enabled, allows remote attackers to cause a denial of service (scheduling outage) via unspecified vectors. network ibm | 4.3 |
2013-02-21 | CVE-2013-0478 | Cross-Site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 and 10.1 before FP1 and InfoSphere Master Data Management Server for Product Information Management 6.0, 9.0, and 9.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2013-02-21 | CVE-2013-0477 | Cross-Site Scripting vulnerability in IBM products Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 and 10.1 before FP1 and InfoSphere Master Data Management Server for Product Information Management 6.0, 9.0, and 9.1 allow remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors. | 6.0 |
2013-02-21 | CVE-2013-0467 | Permissions, Privileges, and Access Controls vulnerability in IBM Data Studio 3.1.0/3.1.1 IBM Eclipse Help System (IEHS), as used in IBM Data Studio 3.1 and 3.1.1 and other products, allows remote authenticated users to read source code via a crafted URL. | 4.0 |
2013-02-20 | CVE-2013-0466 | Cross-Site Scripting vulnerability in IBM Websphere Message Broker Cross-site scripting (XSS) vulnerability in IBM WebSphere Message Broker 7.0 before 7.0.0.6 and 8.0 before 8.0.0.2, when wsdl support is enabled on a SOAPInput node, allows remote attackers to inject arbitrary web script or HTML via a wsdl request that is not properly handled during construction of an error message. | 2.6 |
2013-02-20 | CVE-2013-0457 | Cross-Site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to a uisessionid. | 3.5 |