Search

Search Results (363169 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-2159 1 Ibm 2 Security Appscan Source, Spss Data Collection 2025-04-11 N/A
Open redirect vulnerability in IBM Eclipse Help System (IEHS), as used in IBM Security AppScan Source 7.x and 8.x before 8.6 and IBM SPSS Data Collection Developer Library 6.0 and 6.0.1, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2012-2161 1 Ibm 2 Security Appscan Source, Spss Data Collection 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in deferredView.jsp in IBM Eclipse Help System (IEHS), as used in IBM Security AppScan Source 7.x and 8.x before 8.6 and IBM SPSS Data Collection Developer Library 6.0 and 6.0.1, allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2012-2162 1 Ibm 1 Websphere Application Server 2025-04-11 N/A
The Web Server Plug-in in IBM WebSphere Application Server (WAS) 8.0 and earlier uses unencrypted HTTP communication after expiration of the plugin-key.kdb password, which allows remote attackers to obtain sensitive information by sniffing the network, or spoof arbitrary servers via a man-in-the-middle attack.
CVE-2012-2163 1 Ibm 1 Scale Out Network Attached Storage 2025-04-11 N/A
IBM Scale Out Network Attached Storage (SONAS) 1.1 through 1.3.1 allows remote authenticated administrators to execute arbitrary Linux commands via the (1) Command Line Interface or (2) Graphical User Interface, related to a "code injection" issue.
CVE-2012-2164 1 Ibm 1 Rational Clearquest 2025-04-11 N/A
The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to bypass intended access restrictions, and use the Site Administration menu to modify system settings, via a parameter-tampering attack.
CVE-2012-2165 1 Ibm 1 Rational Clearquest 2025-04-11 N/A
IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3, when ClearQuest Authentication is enabled, allows remote authenticated users to read password hashes via a user query.
CVE-2012-2167 1 Ibm 2 Xiv Storage System Gen3, Xiv Storage System Gen3 Firmware 2025-04-11 N/A
The IBM XIV Storage System Gen3 before 11.1.0.a allows remote attackers to cause a denial of service (device outage) via TCP packets to unspecified ports.
CVE-2012-2168 1 Ibm 1 Rational Clearquest 2025-04-11 N/A
IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to obtain sensitive stack-trace information from CM server error messages via an invalid parameter.
CVE-2012-2169 1 Ibm 1 Rational Clearquest 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the file-upload functionality in the Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 allows remote authenticated users to inject arbitrary web script or HTML via the File Description field.
CVE-2012-2170 1 Ibm 1 Websphere Application Server 2025-04-11 N/A
The Application Snoop Servlet in IBM WebSphere Application Server 7.0 before 7.0.0.23 does not properly restrict access, which allows remote attackers to obtain sensitive client and request information via a direct request.
CVE-2012-2171 1 Ibm 18 Ds4100, Ds4200, Ds4300 and 15 more 2025-04-11 N/A
SQL injection vulnerability in ModuleServlet.do in the Storage Manager Profiler in IBM System Storage DS Storage Manager before 10.83.xx.18 on DS Series devices allows remote authenticated users to execute arbitrary SQL commands via the selectedModuleOnly parameter in a state_viewmodulelog action to the ModuleServlet URI.
CVE-2012-2172 1 Ibm 18 Ds4100, Ds4200, Ds4300 and 15 more 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in SoftwareRegistration.do in the Storage Manager Profiler in IBM System Storage DS Storage Manager before 10.83.xx.18 on DS Series devices allows remote attackers to inject arbitrary web script or HTML via the updateRegn parameter.
CVE-2012-2173 1 Ibm 1 Security Appscan Source 2025-04-11 N/A
The ODBC driver in IBM Security AppScan Source 7.x and 8.x before 8.6 sends an SHA-1 hash of the connection password during connections to a solidDB database, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2012-2174 1 Ibm 1 Lotus Notes 2025-04-11 N/A
The URL handler in IBM Lotus Notes 8.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a crafted notes:// URL.
CVE-2012-2175 1 Ibm 1 Lotus Inotes 2025-04-11 N/A
Buffer overflow in the Attachment_Times method in a certain ActiveX control in dwa85W.dll in IBM Lotus iNotes 8.5.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a long argument.
CVE-2012-2176 1 Ibm 1 Lotus Quickr 2025-04-11 N/A
Multiple stack-based buffer overflows in a certain ActiveX control in qp2.cab in IBM Lotus Quickr 8.2 before 8.2.0.27-002a for Domino allow remote attackers to execute arbitrary code via a long argument to the (1) Attachment_Times or (2) Import_Times method.
CVE-2012-2177 1 Ibm 1 Cognos Business Intelligence 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in IBM Cognos Business Intelligence (BI) 8.4.1 before IF1, 10.1 before IF2, 10.1.1 before IF2, and 10.2 before IF1 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors related to the search feature.
CVE-2012-2179 1 Ibm 1 Aix 2025-04-11 N/A
libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
CVE-2012-2180 1 Ibm 1 Db2 2025-04-11 N/A
The chaining functionality in the Distributed Relational Database Architecture (DRDA) module in IBM DB2 9.7 before FP6 and 9.8 before FP5 allows remote attackers to cause a denial of service (NULL pointer dereference, and resource consumption or daemon crash) via a crafted request.
CVE-2012-2181 1 Ibm 1 Websphere Portal 2025-04-11 N/A
Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF14, and 8.0, allows remote attackers to read arbitrary files via a crafted URL.