CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2009-2030
https://notcve.org/view.php?id=CVE-2009-2030
11 Jun 2009 — Unspecified vulnerability in the XML Digital Signature verification functionality in JVA-RUN in JDK 6.0 in IBM OS/400 i5/OS V5R4M0 and V6R1M0 has unknown impact and attack vectors related to "XML SECURITY PATCH." Una vulnerabilidad no especificada en la funcionalidad de comprobación de XML Digital Signature en JVA-RUN en JDK versión 6.0 en IBM OS/400 i5/OS versiones V5R4M0 y V6R1M0, presenta un impacto y vectores de ataque desconocidos relacionados con "XML SECURITY PATCH". • http://secunia.com/advisories/35356 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2008-2709
https://notcve.org/view.php?id=CVE-2008-2709
16 Jun 2008 — Buffer overflow in the BrSmRcvAndCheck function in the RCHMGR module on IBM OS/400 V5R4M0, V5R4M5, and V6R1M0 allows local users to cause a denial of service (task halt and main storage dump) via unspecified vectors involving the running of diagnostics on a modem port. NOTE: there might be limited attack scenarios. Desbordamiento de buffer en la función BrSmRcvAndCheck en el módulo RCHMGR de IBM OS/400 V5R4M0, V5R4M5, y V6R1M0, permite a atacantes locales provocar una denegación de servicio (parada de tarea... • http://secunia.com/advisories/30554 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0694
https://notcve.org/view.php?id=CVE-2008-0694
12 Feb 2008 — Cross-site scripting (XSS) vulnerability in the HTTP Server in IBM OS/400 V5R3M0 and V5R4M0 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en HTTP Server de IBM OS/400 V5R3M0 y V5R4M0. permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de la cabecera Expect HTTP. • http://secunia.com/advisories/28744 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2007-3537
https://notcve.org/view.php?id=CVE-2007-3537
03 Jul 2007 — IBM OS/400 (aka i5/OS) V4R2M0 through V5R3M0 on iSeries machines sends responses to TCP SYN-FIN packets, which allows remote attackers to obtain system information and possibly bypass firewall rules. IBM OS/400 (también conocido como i5/OS) V4R2M0 hasta V5R3M0 en máquinas iSeries envía respuestas a paquetes TCP SYN-FIN, lo cual permite a atacantes remotos obtener información sensible y posiblemente evitar reglas de cortafuegos. • http://osvdb.org/37792 •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2007-1913
https://notcve.org/view.php?id=CVE-2007-1913
10 Apr 2007 — The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. La función TRUSTED_SYSTEM_SECURITY en la SAP RFC Library 6.40 y 7.00 anterior al 11/12/2006 permite a atacantes remotos verificar la exis... • http://secunia.com/advisories/24722 •
CVSS: 9.8EPSS: 4%CPEs: 11EXPL: 0CVE-2007-1915
https://notcve.org/view.php?id=CVE-2007-1915
10 Apr 2007 — Buffer overflow in the RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. Desbordamiento de búfer en la función RFC_START_PROGRAM en la libreria SAP RFC Library 6.40 y 7.00 anterior a 20061211 permite a atacantes remotos ejecutar código de su elección a través de vectores no especific... • http://secunia.com/advisories/24722 •
CVSS: 10.0EPSS: 9%CPEs: 13EXPL: 0CVE-2007-1916
https://notcve.org/view.php?id=CVE-2007-1916
10 Apr 2007 — Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. Desbordamiento de búfer en la función RFC_START_GUI en la libreria SAP RFC Library 6.40 y 7.00 anterior a 20061211 permite a atacantes remotos ejecutar código de su elección a través de vectores no especificados. NO... • http://secunia.com/advisories/24722 •
CVSS: 10.0EPSS: 9%CPEs: 13EXPL: 0CVE-2007-1917
https://notcve.org/view.php?id=CVE-2007-1917
10 Apr 2007 — Buffer overflow in the SYSTEM_CREATE_INSTANCE function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. Desbordamiento de búfer en la función SYSTEM_CREATE_INSTANCE en la SAP RFC Library 6.40 y 7.00 anterior al 11/12/2006 permite a atacantes remotos ejecutar código de su elección mediante vectores no especifi... • http://secunia.com/advisories/24722 •
CVSS: 9.1EPSS: 1%CPEs: 12EXPL: 0CVE-2007-1918
https://notcve.org/view.php?id=CVE-2007-1918
10 Apr 2007 — The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. La función RFC_SET_REG_SERVER_PROPERTY en la libreria SAP RFC Library 6.40 y 7.00 anterior a 20070109 implementa una opción para acces... • http://secunia.com/advisories/24722 •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2007-0442
https://notcve.org/view.php?id=CVE-2007-0442
23 Jan 2007 — Unspecified vulnerability in IBM OS/400 R530 and R535 has unknown impact and remote attack vectors, related to an "Integrity Problem" involving LIC-TCPIP and TCP reset. NOTE: it is possible that this issue is related to CVE-2004-0230, but this is not certain. Vulnerabilidad no especificada en IBM OS/400 R530 y R535 tiene impacto y vectores de ataque remotos desconocidos, relacionados con "Problemas de Integridad" que implican restablecimientos LIC-TCPIP y TCP. NOTA: es posible que este asunto esté relaciona... • http://osvdb.org/32812 •