Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2010-3740

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-05 Oct, 2010 | 17:00
Updated At-07 Aug, 2024 | 03:18
Rejected At-
Credits

The Net Search Extender (NSE) implementation in the Text Search component in IBM DB2 UDB 9.5 before FP6a does not properly handle an alphanumeric Fuzzy search, which allows remote authenticated users to cause a denial of service (memory consumption and system hang) via the db2ext.textSearch function.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:05 Oct, 2010 | 17:00
Updated At:07 Aug, 2024 | 03:18
Rejected At:
▼CVE Numbering Authority (CNA)

The Net Search Extender (NSE) implementation in the Text Search component in IBM DB2 UDB 9.5 before FP6a does not properly handle an alphanumeric Fuzzy search, which allows remote authenticated users to cause a denial of service (memory consumption and system hang) via the db2ext.textSearch function.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg1IC66613
vendor-advisory
x_refsource_AIXAPAR
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13811
vdb-entry
signature
x_refsource_OVAL
Hyperlink: ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
Resource:
x_refsource_CONFIRM
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IC66613
Resource:
vendor-advisory
x_refsource_AIXAPAR
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13811
Resource:
vdb-entry
signature
x_refsource_OVAL
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
x_refsource_CONFIRM
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg1IC66613
vendor-advisory
x_refsource_AIXAPAR
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13811
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IC66613
Resource:
vendor-advisory
x_refsource_AIXAPAR
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13811
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:05 Oct, 2010 | 18:00
Updated At:29 Apr, 2026 | 01:13

The Net Search Extender (NSE) implementation in the Text Search component in IBM DB2 UDB 9.5 before FP6a does not properly handle an alphanumeric Fuzzy search, which allows remote authenticated users to cause a denial of service (memory consumption and system hang) via the db2ext.textSearch function.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.0MEDIUM
AV:N/AC:L/Au:S/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 4.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P
CPE Matches

IBM Corporation
ibm
>>db2>>9.5
cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.5
cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.5
cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.5
cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.5
cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.5
cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.5
cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.5
cpe:2.3:a:ibm:db2:9.5:fp4:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.5
cpe:2.3:a:ibm:db2:9.5:fp4a:*:*:*:*:*:*
IBM Corporation
ibm
>>db2>>9.5
cpe:2.3:a:ibm:db2:9.5:fp5:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-399Primarynvd@nist.gov
CWE ID: CWE-399
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXTcve@mitre.org
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg1IC66613cve@mitre.org
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13811cve@mitre.org
N/A
ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXTaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg1IC66613af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13811af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IC66613
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13811
Source: cve@mitre.org
Resource: N/A
Hyperlink: ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IC66613
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13811
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

144Records found

CVE-2017-1283
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.94% / 56.53%
||
7 Day CHG~0.00%
Published-27 Nov, 2017 | 21:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a shared memory leak by MQ applications using dynamic queues, which can lead to lack of resources for other MQ applications. IBM X-Force ID: 125144.

Action-Not Available
Vendor-IBM Corporation
Product-websphere_mqMQ
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2017-1285
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.67% / 73.91%
||
7 Day CHG~0.00%
Published-12 Jul, 2017 | 17:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere MQ 9.0.1 and 9.0.2 could allow an authenticated user with authority to send a specially crafted message that would cause a channel to remain in a running state but not process messages. IBM X-Force ID: 125146.

Action-Not Available
Vendor-IBM Corporation
Product-websphere_mqMQ
CWE ID-CWE-20
Improper Input Validation
CVE-2017-1235
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-2.25% / 80.80%
||
7 Day CHG~0.00%
Published-25 Sep, 2017 | 16:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere MQ 8.0 could allow an authenticated user to cause a premature termination of a client application thread which could potentially cause denial of service. IBM X-Force ID: 123914.

Action-Not Available
Vendor-IBM Corporation
Product-websphere_mqMQ
CVE-2017-1236
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.44% / 69.87%
||
7 Day CHG~0.00%
Published-06 Jul, 2017 | 14:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere MQ 9.0.2 could allow an authenticated user to potentially cause a denial of service by saving an incorrect channel status inquiry. IBM X-Force ID: 124354

Action-Not Available
Vendor-IBM Corporation
Product-websphere_mqMQ
CWE ID-CWE-20
Improper Input Validation
CVE-2016-5440
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-3.70% / 88.41%
||
7 Day CHG-0.03%
Published-21 Jul, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.

Action-Not Available
Vendor-n/aCanonical Ltd.MariaDB FoundationIBM CorporationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxenterprise_linux_serverenterprise_linux_workstationmariadbmysqlenterprise_linux_desktopenterprise_linux_server_tuspowerkvmenterprise_linux_server_euslinuxenterprise_linux_server_ausn/a
CVE-2016-9009
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-3.1||LOW
EPSS-0.81% / 52.38%
||
7 Day CHG~0.00%
Published-24 Feb, 2017 | 18:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647.

Action-Not Available
Vendor-IBM Corporation
Product-websphere_mqWebSphere MQ
CWE ID-CWE-20
Improper Input Validation
CVE-2016-8986
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.04% / 59.83%
||
7 Day CHG~0.00%
Published-22 Feb, 2017 | 19:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648.

Action-Not Available
Vendor-IBM Corporation
Product-websphere_mqWebSphere MQ
CWE ID-CWE-284
Improper Access Control
CVE-2016-8915
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.84% / 53.44%
||
7 Day CHG~0.00%
Published-22 Feb, 2017 | 19:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference #: 1998649.

Action-Not Available
Vendor-IBM Corporation
Product-websphere_mqWebSphere MQ
CWE ID-CWE-284
Improper Access Control
CVE-2016-5979
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-2.7||LOW
EPSS-0.79% / 51.92%
||
7 Day CHG~0.00%
Published-15 May, 2017 | 21:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Distributed Marketing 8.6, 9.0, and 10.0 could allow a privileged authenticated user to create an instance that gets created with security profile not valid for the templates, that results in the new instance not accessible for the intended user. IBM X-Force ID: 116379.

Action-Not Available
Vendor-IBM Corporation
Product-distributed_marketingDistributed Marketing
CVE-2016-5954
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.31% / 67.05%
||
7 Day CHG~0.00%
Published-12 Sep, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF30, 8.0.0 through 8.0.0.1 CF21, and 8.5.0 before CF12 allows remote authenticated users to cause a denial of service by uploading temporary files.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_portaln/a
CWE ID-CWE-284
Improper Access Control
CVE-2016-3013
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.91% / 55.48%
||
7 Day CHG~0.00%
Published-22 Feb, 2017 | 19:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661.

Action-Not Available
Vendor-IBM Corporation
Product-websphere_mqWebSphere MQ
CVE-2016-3000
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.27% / 66.18%
||
7 Day CHG~0.00%
Published-26 Sep, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The help service in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to cause a denial of service (service degradation) via a crafted URL.

Action-Not Available
Vendor-n/aIBM Corporation
Product-connectionsn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-0644
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-1.68% / 74.19%
||
7 Day CHG~0.00%
Published-21 Apr, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DDL.

Action-Not Available
Vendor-n/aMariaDB FoundationopenSUSEIBM CorporationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxmariadbmysqlleappowerkvmlinuxenterprise_linuxn/a
CVE-2016-0381
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.99% / 58.34%
||
7 Day CHG~0.00%
Published-15 May, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Cognos TM1 10.2.2 before FP5, when the host/pmhub/pm/admin AdminGroups setting is empty, allows remote authenticated users to cause a denial of service (configuration outage) via a non-empty value.

Action-Not Available
Vendor-n/aIBM Corporation
Product-cognos_tm1n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-0356
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.71% / 49.08%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 18:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-site request forgery. IBM X-Force ID: 111895.

Action-Not Available
Vendor-IBM Corporation
Product-sametimeSametime
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2016-0650
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-1.68% / 74.19%
||
7 Day CHG~0.00%
Published-21 Apr, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to Replication.

Action-Not Available
Vendor-n/aMariaDB FoundationopenSUSEIBM CorporationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxmariadbmysqlleappowerkvmlinuxenterprise_linuxn/a
CVE-2016-0649
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-1.68% / 74.19%
||
7 Day CHG~0.00%
Published-21 Apr, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to PS.

Action-Not Available
Vendor-n/aMariaDB FoundationopenSUSEIBM CorporationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxmariadbmysqlleappowerkvmlinuxenterprise_linuxn/a
CVE-2016-0648
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-1.70% / 74.39%
||
7 Day CHG-0.01%
Published-21 Apr, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to PS.

Action-Not Available
Vendor-n/aMariaDB FoundationopenSUSEIBM CorporationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxmariadbmysqlleappowerkvmlinuxenterprise_linuxn/a
CVE-2016-0646
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-1.68% / 74.19%
||
7 Day CHG~0.00%
Published-21 Apr, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DML.

Action-Not Available
Vendor-n/aMariaDB FoundationopenSUSEIBM CorporationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxmariadbmysqlleappowerkvmlinuxenterprise_linuxn/a
CVE-2016-0215
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.57% / 72.34%
||
7 Day CHG-0.03%
Published-16 Jan, 2018 | 19:00
Updated-05 Aug, 2024 | 22:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 9.7, 10.1 before FP6, and 10.5 before FP8 on AIX, Linux, HP, Solaris and Windows allow remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a subquery containing the AVG OLAP function on an Oracle compatible database.

Action-Not Available
Vendor-n/aMicrosoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kerneldb2hp-uxwindowsaixn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-0355
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.71% / 49.09%
||
7 Day CHG~0.00%
Published-29 Aug, 2017 | 18:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-site request forgery. IBM X-Force ID: 111894.

Action-Not Available
Vendor-IBM Corporation
Product-sametimeSametime
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2016-0211
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4.3||MEDIUM
EPSS-2.13% / 79.67%
||
7 Day CHG~0.00%
Published-28 Apr, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted DRDA message.

Action-Not Available
Vendor-n/aIBM Corporation
Product-db2db2_connectn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-0647
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-1.70% / 74.39%
||
7 Day CHG-0.01%
Published-21 Apr, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to FTS.

Action-Not Available
Vendor-n/aMariaDB FoundationopenSUSEIBM CorporationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxmariadbmysqlleappowerkvmlinuxenterprise_linuxn/a
CVE-2016-0219
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.23% / 65.31%
||
7 Day CHG-0.02%
Published-16 Jan, 2018 | 19:00
Updated-05 Aug, 2024 | 22:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote authenticated users to cause a denial of service via crafted XML data. IBM X-Force ID: 109693.

Action-Not Available
Vendor-n/aIBM Corporation
Product-rational_doors_next_generationrational_engineering_lifecycle_managerrational_quality_managerrational_team_concertrational_requirements_composerrational_collaborative_lifecycle_managementrational_rhapsody_design_managerrational_software_architect_design_managern/a
CWE ID-CWE-611
Improper Restriction of XML External Entity Reference
CVE-2015-7461
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.26% / 65.88%
||
7 Day CHG~0.00%
Published-20 Mar, 2018 | 21:00
Updated-06 Aug, 2024 | 07:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XML external entity (XXE) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote authenticated users to cause a denial of service (memory consumption) via crafted XML data. IBM X-Force ID: 108357.

Action-Not Available
Vendor-n/aIBM Corporation
Product-connectionsn/a
CWE ID-CWE-611
Improper Restriction of XML External Entity Reference
CWE ID-CWE-399
Not Available
CVE-2015-0189
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-1.91% / 77.28%
||
7 Day CHG~0.00%
Published-20 May, 2015 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cluster repository manager in IBM WebSphere MQ 7.5 before 7.5.0.5 and 8.0 before 8.0.0.2 allows remote authenticated administrators to cause a denial of service (memory overwrite and daemon outage) by triggering multiple transmit-queue records.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_mqn/a
CVE-2015-0142
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-1.00% / 58.70%
||
7 Day CHG~0.00%
Published-03 Oct, 2015 | 22:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to cause a denial of service (maintenance-mode transition and data-storage outage) by calling the System Administration Mode function.

Action-Not Available
Vendor-n/aIBM Corporation
Product-openpages_grc_platformn/a
CVE-2014-8901
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-2.16% / 79.98%
||
7 Day CHG~0.00%
Published-18 Dec, 2014 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted XML query.

Action-Not Available
Vendor-n/aIBM Corporation
Product-db2n/a
CVE-2014-6089
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-1.25% / 65.88%
||
7 Day CHG~0.00%
Published-18 Dec, 2014 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote authenticated users to cause a denial of service (disrupted system operations) by uploading a file to a protected area.

Action-Not Available
Vendor-n/aIBM Corporation
Product-security_access_manager_for_websecurity_access_manager_for_mobilen/a
CVE-2014-6097
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-1.90% / 77.12%
||
7 Day CHG~0.00%
Published-08 Nov, 2014 | 11:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 9.7 before FP10 and 9.8 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement.

Action-Not Available
Vendor-n/aIBM Corporation
Product-db2n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-6082
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-1.39% / 68.91%
||
7 Day CHG~0.00%
Published-18 Dec, 2014 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote authenticated users to cause a denial of service (administration UI outage) via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-security_access_manager_for_websecurity_access_manager_for_mobilen/a
CVE-2014-6183
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-1.79% / 75.63%
||
7 Day CHG~0.00%
Published-23 Nov, 2014 | 00:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Network Protection 5.1 before 5.1.0.0 FP13, 5.1.1 before 5.1.1.0 FP8, 5.1.2 before 5.1.2.0 FP9, 5.1.2.1 before FP5, 5.2 before 5.2.0.0 FP5, and 5.3 before 5.3.0.0 FP1 on XGS devices allows remote authenticated users to execute arbitrary commands via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-security_network_protection_xgs_5000security_network_protection_xgs_5100security_network_protection_firmwaren/a
CVE-2014-6209
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-2.49% / 82.70%
||
7 Day CHG~0.00%
Published-12 Dec, 2014 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by specifying an identity column within a crafted ALTER TABLE statement.

Action-Not Available
Vendor-n/aIBM Corporation
Product-db2n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-4807
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-1.24% / 65.55%
||
7 Day CHG~0.00%
Published-23 Nov, 2014 | 00:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sterling Order Management in IBM Sterling Selling and Fulfillment Suite 9.3.0 before FP8 allows remote authenticated users to cause a denial of service (CPU consumption) via a '\0' character.

Action-Not Available
Vendor-n/aIBM Corporation
Product-sterling_selling_and_fulfillment_foundationn/a
CVE-2014-4792
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-1.88% / 76.88%
||
7 Day CHG~0.00%
Published-12 Sep, 2014 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28, 8.0.0 through 8.0.0.1 CF13, and 8.5.0 before CF02 allows remote authenticated users to cause a denial of service (disk consumption) by uploading large files.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_portaln/a
CVE-2014-3042
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-1.42% / 69.55%
||
7 Day CHG~0.00%
Published-10 Jun, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM CICS Transaction Server 3.1, 3.2, 4.1, 4.2, and 5.1 on z/OS does not properly implement CEMT transactions, which allows remote authenticated users to cause a denial of service (storage overlay) by using a 3270 emulator to send an invalid 3270 data stream.

Action-Not Available
Vendor-n/aIBM Corporation
Product-cics_transaction_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-29899
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.01% / 58.91%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 15:40
Updated-16 Sep, 2024 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Engineering Requirements Quality Assistant prior to 3.1.3 could allow an authenticated user to cause a denial of service. IBM X-Force ID: 207413.

Action-Not Available
Vendor-IBM Corporation
Product-engineering_requirements_quality_assistant_on-premisesEngineering Requirements Quality Assistant
CVE-2021-29714
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.01% / 58.94%
||
7 Day CHG~0.00%
Published-09 Aug, 2021 | 16:05
Updated-16 Sep, 2024 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Content Navigator 3.0.CD could allow a malicious user to cause a denial of service due to improper input validation. IBM X-Force ID: 200968.

Action-Not Available
Vendor-IBM Corporation
Product-content_navigatorContent Navigator
CWE ID-CWE-20
Improper Input Validation
CVE-2021-29777
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.3||MEDIUM
EPSS-1.37% / 68.56%
||
7 Day CHG~0.00%
Published-24 Jun, 2021 | 18:45
Updated-16 Sep, 2024 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5, under specific circumstance of a table being dropped while being accessed in another session, could allow an authenticated user to cause a denial of srevice IBM X-Force ID: 203031.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kerneldb2hp-uxwindowsaixDB2 for Linux, UNIX and Windows
CWE ID-CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CVE-2021-29843
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.91% / 55.58%
||
7 Day CHG~0.00%
Published-08 Nov, 2021 | 16:50
Updated-17 Sep, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM MQ 9.1 LTS, 9.1 CD, 9.2 LTS, and 9.2CD is vulnerable to a denial of service attack caused by an issue processing message properties. IBM X-Force ID: 205203.

Action-Not Available
Vendor-IBM Corporation
Product-mq_applianceMQ Appliance
CVE-2021-29856
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.06% / 60.58%
||
7 Day CHG~0.00%
Published-20 Sep, 2021 | 16:45
Updated-17 Sep, 2024 | 04:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 could allow an authenticated usre to cause a denial of service through the WebGUI Map Creation page. IBM X-Force ID: 205685.

Action-Not Available
Vendor-IBM Corporation
Product-tivoli_netcool\/omnibus_webguiTivoli Netcool/OMNIbus
CVE-2012-0200
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-5.73% / 92.13%
||
7 Day CHG~0.00%
Published-21 Feb, 2012 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The server in IBM solidDB 6.5 before Interim Fix 6 does not properly initialize data structures, which allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a redundant WHERE condition.

Action-Not Available
Vendor-n/aIBM Corporation
Product-soliddbn/a
CVE-2011-2682
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4||MEDIUM
EPSS-1.17% / 63.72%
||
7 Day CHG~0.00%
Published-07 Jul, 2011 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Login component in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 allows remote authenticated users to cause a denial of service (license consumption) by trying to login to DOORS Web Access with a new user account that has never been used for a DOORS login.

Action-Not Available
Vendor-n/aIBM Corporation
Product-rational_doors_web_accessn/a
CVE-2013-5466
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4||MEDIUM
EPSS-2.16% / 79.97%
||
7 Day CHG~0.00%
Published-18 Dec, 2013 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The XSLT library in IBM DB2 and DB2 Connect 9.5 through 10.5, and the DB2 pureScale Feature 9.8 for Enterprise Server Edition, allows remote authenticated users to cause a denial of service via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-db2_purescale_feature_9.8db2db2_connectn/a
CVE-2011-2173
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4||MEDIUM
EPSS-1.12% / 62.34%
||
7 Day CHG~0.00%
Published-26 May, 2011 | 16:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The implementation of OutputMediator objects in IBM WebSphere Portal 6.0.1.7, and 7.0.0.1 before CF002, allows remote authenticated users to cause a denial of service (memory consumption) via requests.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_portaln/a
CVE-2011-1319
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4||MEDIUM
EPSS-1.40% / 69.24%
||
7 Day CHG~0.00%
Published-08 Mar, 2011 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Security component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15 allows remote authenticated users to cause a denial of service (memory consumption) by using a Lightweight Third-Party Authentication (LTPA) token for authentication.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_application_servern/a
CVE-2010-4788
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4||MEDIUM
EPSS-0.88% / 54.76%
||
7 Day CHG~0.00%
Published-21 Apr, 2011 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) does not perform certain locking of linked-list access, which allows remote authenticated users to cause a denial of service (daemon crash) via a paged search.

Action-Not Available
Vendor-n/aIBM Corporation
Product-tivoli_directory_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-4593
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4||MEDIUM
EPSS-1.12% / 62.34%
||
7 Day CHG~0.00%
Published-22 Dec, 2010 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does not properly maintain a certain reference count, which allows remote authenticated users to cause a denial of service (IP address exhaustion) by making invalid attempts to establish sessions with the same VPN ID from multiple devices.

Action-Not Available
Vendor-n/aIBM Corporation
Product-lotus_mobile_connectn/a
CVE-2010-3736
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4||MEDIUM
EPSS-1.12% / 62.34%
||
7 Day CHG~0.00%
Published-05 Oct, 2010 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a, when the connection concentrator is enabled, allows remote authenticated users to cause a denial of service (heap memory consumption) by using a different code page than the database server.

Action-Not Available
Vendor-n/aIBM Corporation
Product-db2n/a
CVE-2010-4545
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4||MEDIUM
EPSS-1.12% / 62.34%
||
7 Day CHG~0.00%
Published-16 Dec, 2010 | 19:45
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (resource consumption and sync outage) by syncing a large volume of data.

Action-Not Available
Vendor-n/aIBM Corporation
Product-lotus_notes_travelern/a
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found