Vulnerabilities > IBM

DATE CVE VULNERABILITY TITLE RISK
2010-04-29 CVE-2010-1612 Denial of Service vulnerability in IBM DataPower XS40 Malformed ICMP Packet
The IBM WebSphere DataPower XML Accelerator XA35, Low Latency Appliance XM70, Integration Appliance XI50, B2B Appliance XB60, and XML Security Gateway XS40 SOA Appliances before 3.8.0.0, when a QLOGIC Ethernet interface is used, allow remote attackers to cause a denial of service (interface outage) via malformed ICMP packets to the 0.0.0.0 destination IP address.
network
low complexity
ibm qlogic
5.0
2010-04-29 CVE-2010-1608 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Lotus Notes 8.5/8.5.1/8.5.1.1
Stack-based buffer overflow in IBM Lotus Notes 8.5 and 8.5fp1, and possibly other versions, allows remote attackers to execute arbitrary code via unknown attack vectors, as demonstrated by the vd_ln module in VulnDisco 9.0.
network
low complexity
ibm CWE-119
critical
10.0
2010-04-27 CVE-2010-1560 Buffer Errors vulnerability in IBM DB2 8.2/9.1
Buffer overflow in the REPEAT function in IBM DB2 9.1 before FP9 allows remote authenticated users to cause a denial of service (trap) via unspecified vectors.
network
low complexity
ibm CWE-119
4.0
2010-04-27 CVE-2010-0772 Unspecified vulnerability in IBM WebSphere MQ 7.0.0/7.0.1/7.0.1.1
Unspecified vulnerability in the channel process in IBM WebSphere MQ 7.0 before 7.0.1.2 allows remote authenticated users to cause a denial of service (daemon crash) via "incorrect channel control data."
network
low complexity
ibm
4.0
2010-04-21 CVE-2010-1490 Security vulnerability in IBM Cognos 8 Business Intelligence
Unspecified vulnerability in IBM Cognos 8 Business Intelligence before 8.4.1 FP1 has unknown impact and attack vectors.
network
low complexity
ibm
critical
10.0
2010-04-20 CVE-2010-1487 Credentials Management vulnerability in IBM Lotus Notes 7.0/8.0/8.5
IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG.
local
low complexity
ibm CWE-255
2.1
2010-04-16 CVE-2010-1460 Resource Management Errors vulnerability in IBM Advanced Management Module
The IBM BladeCenter with Advanced Management Module (AMM) firmware before bpet50g does not properly perform interrupt sharing for USB and iSCSI, which allows remote attackers to cause a denial of service (management module reboot) via TCP packets with malformed application data.
network
low complexity
ibm CWE-399
5.0
2010-04-12 CVE-2010-1348 Security vulnerability in IBM WebSphere Portal Login
Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6.1.0.3 Cumulative Fix 03, has unknown impact and remote attack vectors.
network
low complexity
ibm
7.5
2010-04-12 CVE-2010-1347 Permissions, Privileges, and Access Controls vulnerability in IBM Director Agent 6.1/6.1.2
Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts.
local
low complexity
ibm linux CWE-264
7.2
2010-04-05 CVE-2010-1243 Remote Security vulnerability in IBM WEBi 1.0.2
The IBM Web Interface for Content Management (aka WEBi) before 1.0.4 creates persistent cookies on client workstations, which has unspecified impact and attack vectors.
network
low complexity
ibm
7.5