Export limit exceeded: 338074 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (8130 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-5446 | 1 Ibm | 2 Websphere Datapower Xc10 Appliance, Websphere Datapower Xc10 Appliance Firmware | 2025-04-11 | N/A |
| The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors. | ||||
| CVE-2013-5447 | 1 Ibm | 1 Forms Viewer | 2025-04-11 | N/A |
| Stack-based buffer overflow in IBM Forms Viewer 4.x before 4.0.0.3 and 8.x before 8.0.1.1 allows remote attackers to execute arbitrary code via an XFDL form with a long fontname value. | ||||
| CVE-2013-5448 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Right Click Plugin context menus in IBM Security QRadar SIEM 7.1 and 7.2 before 7.2 MR1 Patch 1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-5449 | 1 Ibm | 1 Filenet Content Manager | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in workingSet.jsp in IBM Eclipse Help System (IEHS), as used in the installable InfoCenter component in IBM FileNet Content Manager 4.5.1, 5.0.0, 5.1.0, and 5.2.0, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-5450 | 1 Ibm | 1 Security Appscan | 2025-04-11 | N/A |
| IBM Security AppScan Enterprise 8.5 through 8.7.0.1, when Jazz authentication is enabled, allows man-in-the-middle attackers to obtain sensitive information or modify data by leveraging an improperly protected URL to obtain a session token. | ||||
| CVE-2013-5452 | 1 Ibm | 1 Filenet Business Process Framework | 2025-04-11 | N/A |
| IBM FileNet Business Process Framework 4.1.0 allows remote authenticated users to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | ||||
| CVE-2013-5453 | 1 Ibm | 1 Security Appscan | 2025-04-11 | N/A |
| IBM Security AppScan Enterprise 5.6 through 8.7.0.1 allows remote authenticated users to read arbitrary report files by leveraging knowledge of filenames that cannot be easily predicted. | ||||
| CVE-2013-5454 | 1 Ibm | 1 Websphere Portal | 2025-04-11 | N/A |
| IBM WebSphere Portal 6.0 through 6.0.1.7, 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF25, and 8.0 through 8.0.0.1 CF08 allows remote attackers to read arbitrary files via a modified URL. | ||||
| CVE-2013-5455 | 1 Ibm | 1 Smartcloud Provisioning | 2025-04-11 | N/A |
| IBM SmartCloud Provisioning 2.1 before FP3 IF0001 allows remote authenticated users to modify virtual-system deployment via deployer.virtualsystems CLI commands, as demonstrated by a deletion using a deployer.virtualsystems[#].delete command. | ||||
| CVE-2013-5456 | 2 Ibm, Redhat | 2 Java, Rhel Extras | 2025-04-11 | N/A |
| The com.ibm.rmi.io.SunSerializableFactory class in IBM Java SDK 7.0.0 before SR6 allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code via vectors related to deserialization inside the AccessController doPrivileged block. | ||||
| CVE-2013-5457 | 2 Ibm, Redhat | 3 Java, Network Satellite, Rhel Extras | 2025-04-11 | N/A |
| Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2013-5458 | 2 Ibm, Redhat | 2 Java, Rhel Extras | 2025-04-11 | N/A |
| Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6 allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2013-5462 | 1 Ibm | 1 Content Navigator | 2025-04-11 | N/A |
| IBM/ECMClient/configure/explodedformat/navigator/header.jsp in IBM Content Navigator 2.0.0, 2.0.1 before 2.0.1.2-ICN-FP002, and 2.0.2 before 2.0.2.1-ICN-FP001 allows remote attackers to conduct clickjacking attacks via vectors involving FRAME elements. | ||||
| CVE-2013-5463 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2025-04-11 | N/A |
| The WinCollect agent in IBM Security QRadar SIEM before 7.1.1.569824 allows remote attackers to bypass intended access restrictions by injecting a (1) DLL or (2) configuration file. | ||||
| CVE-2013-5466 | 1 Ibm | 3 Db2, Db2 Connect, Db2 Purescale Feature 9.8 | 2025-04-11 | N/A |
| The XSLT library in IBM DB2 and DB2 Connect 9.5 through 10.5, and the DB2 pureScale Feature 9.8 for Enterprise Server Edition, allows remote authenticated users to cause a denial of service via unspecified vectors. | ||||
| CVE-2013-6305 | 1 Ibm | 1 Platform Symphony | 2025-04-11 | N/A |
| IBM Platform Symphony 5.2 before build 229037 and 6.1.0.1 before build 229073 uses the same credentials encryption key across different customers' installations, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging knowledge of this key. | ||||
| CVE-2013-6307 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-6312 | 1 Ibm | 2 Rational Performance Tester, Rational Service Tester | 2025-04-11 | N/A |
| Unspecified vulnerability in IBM Rational Service Tester 8.3.x and 8.5.x before 8.5.1 and Rational Performance Tester 8.3.x and 8.5.x before 8.5.1 allows remote attackers to read arbitrary files via unknown vectors. | ||||
| CVE-2013-6316 | 1 Ibm | 1 Websphere Portal | 2025-04-11 | N/A |
| IBM WebSphere Portal 7.0.0.x before 7.0.0.2 CF26 and 8.0.0.x before 8.0.0.1 CF09 does not properly handle content-selection changes during Taxonomy component rendering, which allows remote attackers to obtain sensitive property information in opportunistic circumstances by leveraging an error in a Web Content Manager (WCM) context processor. | ||||
| CVE-2013-6321 | 1 Ibm | 4 Atlas Ediscovery Process Management, Atlas Suite, Disposal And Governance Management For It and 1 more | 2025-04-11 | N/A |
| SQL injection vulnerability in IBM Atlas eDiscovery Process Management 6.0.1.5 and earlier and 6.0.2, Disposal and Governance Management for IT 6.0.1.5 and earlier and 6.0.2, and Global Retention Policy and Schedule Management 6.0.1.5 and earlier and 6.0.2 in IBM Atlas Suite (aka Atlas Policy Suite) allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||