2903 matches found
CVE-2013-3049
CVE-2013-3049 affects IBM Maximo Asset Management and related IBM Tivoli/SmartCloud products. The vulnerability is a security bypass that could allow remote authenticated users to bypass intended access restrictions via unspecified vectors (a different issue from CVE-2013-3971). NVD records a CVS...
CVE-2013-4027
CVE-2013-4027 affects IBM Maximo Asset Management and related products (Maximo Asset Management 6.2.x, 7.1.x, 7.5) where remote authenticated users can bypass access restrictions via unspecified vectors. The connected IBM bulletin confirms vulnerable components and lists FIX/IF packages per relea...
CVE-2013-4017
SQL injection vulnerability in IBM Maximo Asset Management 7.1 before 7.1.1.12 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2013-3972
CVE-2013-3972 affects IBM Maximo Asset Management (and related Maximo offerings): versions 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 are vulnerable to an information-disclosure condition triggered by remote authenticated users via unspecified vectors. IBM’s consolidated bulletin shows the vulner...
CVE-2013-3971
IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-3049...
CVE-2013-5395
CVE-2013-5395 affects IBM Maximo Asset Management and related products. Affected: Maximo Asset Management 6.2–6.2.8; 7.1 before 7.1.1.12; 7.5 before 7.5.0.5. Issue: remote attackers can bypass intended access restrictions via unspecified vectors. Evidence: IBM Flash with detailed product list and...
CVE-2013-5380
IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows local users to obtain sensitive information via unspecified vectors...
CVE-2013-3048
CVE-2013-3048 is an XSS vulnerability in IBM Maximo Asset Management and related Maximo products across multiple releases (6.2.x to 7.5). The issue allows remote authenticated users to inject arbitrary web script/HTML via unspecified vectors due to a cross-site scripting flaw. IBM’s bulletin list...
CVE-2013-3047
IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to gain privileges via unspecified vectors...
CVE-2013-4021
IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to conduct unspecified file-inclusion attacks via unknown vectors...
CVE-2013-4019
CVE-2013-4019 is an XSS vulnerability in IBM Maximo Asset Management (and related Maximo offerings) affecting 6.2.x through 6.2.8 and 7.1 up to 7.1.1.12. The description specifies remote authenticated users can inject arbitrary web script/HTML via unspecified vectors. Connected IBM bulletin detai...
CVE-2012-3323
IBM Maximo Asset Management 6.2 before 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.3 allows remote attackers to gain privileges via unspecified vectors...
CVE-2013-3973
SQL injection vulnerability in IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
CVE-2013-4014
Cross-site scripting XSS vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-4020
IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.3 allows remote authenticated users to bypass intended access restrictions via unspecified vectors...
CVE-2013-4021
CVE-2013-4021 affects IBM Maximo Asset Management and related products (Maximo Asset Management 6.2.x up to 6.2.8; 7.1 up to 7.1.1.12; 7.5 up to 7.5.0.5) and several IBM Maximo/Tivoli components. The vulnerability is described as an unspecified remote file-inclusion issue exploitable by remote au...
CVE-2013-4027
IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to bypass intended access restrictions via unspecified vectors...
CVE-2013-4014
CVE-2013-4014 is a cross-site scripting (XSS) vulnerability affecting IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM’s bulletin lists affected product...
CVE-2013-0451
CVE-2013-0451 affects IBM Maximo Asset Management and related Maximo/Tivoli products (6.2.x, 7.1.x, 7.5.x) with a SQL Injection vulnerability. The connected IBM bulletin describes the flaw as SQL Injection (noted as IV24726 in APARs) in the List Page Description filter and related components, ena...
Oracle Java SE CVE-2013-1488 Remote Code Execution Vulnerability
Description Oracle Java SE is prone to a remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current process. Technologies Affected Avaya Aura Communication Manager Utility Services 6.0 Avaya Aura Communication Manager Utility...