Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-04-21 | CVE-2011-1820 | Information Exposure vulnerability in IBM Tivoli Directory Server IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, 6.0 before 6.0.0.67 (aka 6.0.0.8-TIV-ITDS-IF0009), 6.1 before 6.1.0.40 (aka 6.1.0.5-TIV-ITDS-IF0003), 6.2 before 6.2.0.16 (aka 6.2.0.3-TIV-ITDS-IF0002), and 6.3 before 6.3.0.3 (aka 6.3.0.0-TIV-ITDS-IF0003) does not properly handle the ibm-auditAttributesOnGroupEvalOp setting for auditing of extended operations, which might allow attackers to obtain sensitive information by reading the audit log. | 1.7 |
| 2011-04-21 | CVE-2011-1822 | Credentials Management vulnerability in IBM Tivoli Directory Server 5.2.0/5.2.0.4 The LDAP_ADD implementation in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0009 stores a cleartext SHA password in the change log, which might allow local users to obtain sensitive information by reading this log. | 2.1 |
| 2011-03-22 | CVE-2008-7284 | Resource Management Errors vulnerability in IBM Lotus Quickr 8.1 IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by clicking a download link, aka SPR QCAO7E6AM8. | 3.5 |
| 2011-03-22 | CVE-2008-7286 | Improper Input Validation vulnerability in IBM Lotus Quickr 8.1 IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that request images, which allows remote authenticated users to cause a denial of service (daemon crash) via a request to resources.nsf, aka SPR XFXF7JDBCX. | 3.5 |
| 2011-03-22 | CVE-2009-5058 | Unspecified vulnerability in IBM Lotus Quickr 8.1 Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by deleting an item that is accessed through a connector, aka SPR RELS7LARKR. network ibm | 3.5 |
| 2011-03-22 | CVE-2009-5059 | Unspecified vulnerability in IBM Lotus Quickr 8.1 Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.10 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by checking out a document that is accessed through a connector, aka SPR MMOI7PSR8J. network ibm | 3.5 |
| 2011-03-22 | CVE-2009-5060 | Unspecified vulnerability in IBM Lotus Quickr 8.1 Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by accessing an entry in a calendar, aka SPR MZHA7SEBJX. network ibm | 3.5 |
| 2011-03-22 | CVE-2009-5061 | Unspecified vulnerability in IBM Lotus Quickr 8.1 Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 services for Lotus Domino, when Domino Native Authentication is enabled, might allow remote authenticated users to cause a denial of service (daemon crash) by going offline, aka SPR MLZG7UPB9N. | 2.1 |
| 2011-03-22 | CVE-2009-5062 | Resource Management Errors vulnerability in IBM Lotus Quickr 8.1 IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX allows remote authenticated users to cause a denial of service (daemon crash) by subscribing to an Atom feed, aka SPR JRIE7VKMP9. | 3.5 |
| 2011-03-08 | CVE-2011-1307 | Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Application Server The installer in IBM WebSphere Application Server (WAS) before 7.0.0.15 uses 777 permissions for a temporary log directory, which allows local users to have unintended access to log files via standard filesystem operations, a different vulnerability than CVE-2009-1173. | 2.1 |