cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2020-28198,https://securityvulnerability.io/vulnerability/CVE-2020-28198,,"The 'id' parameter of IBM Tivoli Storage Manager Version 5 Release 2 (Command Line Administrative Interface, dsmadmc.exe) is vulnerable to an exploitable stack buffer overflow. Note: the vulnerability can be exploited when it is used in ""interactive"" mode while, cause of a max number characters limitation, it cannot be exploited in batch or command line usage (e.g. dsmadmc.exe -id=username -password=pwd). NOTE: This vulnerability only affects products that are no longer supported by the maintainer",IBM,Tivoli Storage Manager,7,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2021-05-06T19:25:28.000Z,0
CVE-2016-8916,https://securityvulnerability.io/vulnerability/CVE-2016-8916,,"IBM Tivoli Storage Manager 5.5, 6.1-6.4, and 7.1 stores password information in a log file that could be read by a local user when a set password command is issued. IBM X-Force ID: 118472.",IBM,Tivoli Storage Manager,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-05-05T19:00:00.000Z,0
CVE-2016-8940,https://securityvulnerability.io/vulnerability/CVE-2016-8940,,"IBM Tivoli Storage Manager (IBM Spectrum Protect) 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. As a result, an attacker is able to submit SQL queries that access database tables that are not intended for access or use by administrators. The access of these product specific database tables may allow access to passwords or other sensitive information for the product. IBM Reference #: 1998946.",IBM,Tivoli Storage Manager,8.8,HIGH,0.0009800000116229057,false,,false,false,false,,,false,false,,2017-03-07T17:00:00.000Z,0
CVE-2016-8998,https://securityvulnerability.io/vulnerability/CVE-2016-8998,,IBM Tivoli Storage Manager Server 7.1 could allow an authenticated user with TSM administrator privileges to cause a buffer overflow using a specially crafted SQL query and execute arbitrary code on the server. IBM Reference #: 1998747.,IBM,Tivoli Storage Manager,7.2,HIGH,0.001019999966956675,false,,false,false,false,,,false,false,,2017-02-24T18:00:00.000Z,0
CVE-2016-6033,https://securityvulnerability.io/vulnerability/CVE-2016-6033,,IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #: 1995545.,IBM,Tivoli Storage Manager For Virtual Environments,8.8,HIGH,0.0012400000123307109,false,,false,false,false,,,false,false,,2017-02-15T19:00:00.000Z,0
CVE-2016-5934,https://securityvulnerability.io/vulnerability/CVE-2016-5934,,"IBM Tivoli Storage Manager FastBack installer could allow a remote attacker to execute arbitrary code on the system. By placing a specially-crafted DLL in the victim's path, an attacker could exploit this vulnerability when the installer is executed to run arbitrary code on the system with privileges of the victim.",IBM,Tivoli Storage Manager Fastback,7.3,HIGH,0.0014400000218302011,false,,false,false,false,,,false,false,,2017-02-08T22:00:00.000Z,0
CVE-2016-5918,https://securityvulnerability.io/vulnerability/CVE-2016-5918,,IBM Tivoli Storage Manager HSM for Windows displays the encrypted Tivoli Storage Manager password in application trace output if the password access option is prompt and the password is changed.,IBM,Tivoli Storage Manager Hsm For Windows,4.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2017-02-08T22:00:00.000Z,0
CVE-2016-6110,https://securityvulnerability.io/vulnerability/CVE-2016-6110,,IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user.,IBM,Tivoli Storage Manager,6.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-02-01T22:00:00.000Z,0
CVE-2016-0371,https://securityvulnerability.io/vulnerability/CVE-2016-0371,,The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled.,IBM Corporation,Tivoli Storage Manager,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2017-02-01T21:00:00.000Z,0
CVE-2016-6043,https://securityvulnerability.io/vulnerability/CVE-2016-6043,,Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being enforced.,IBM,Tivoli Storage Manager Extended Edition,7,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-02-01T20:00:00.000Z,0
CVE-2016-5985,https://securityvulnerability.io/vulnerability/CVE-2016-5985,,The IBM Tivoli Storage Manager (IBM Spectrum Protect) AIX client is vulnerable to a buffer overflow when Journal-Based Backup is enabled. A local attacker could overflow a buffer and execute arbitrary code on the system or cause a system crash.,IBM,Tivoli Storage Manager,7.8,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2017-02-01T20:00:00.000Z,0
CVE-2016-6034,https://securityvulnerability.io/vulnerability/CVE-2016-6034,,IBM Tivoli Storage Manager for Virtual Environments (VMware) could disclose the Windows domain credentials to a user with a high level of privileges.,IBM,Tivoli Storage Manager For Virtual Environments,6.8,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2017-02-01T20:00:00.000Z,0
CVE-2016-6044,https://securityvulnerability.io/vulnerability/CVE-2016-6044,,"IBM Tivoli Storage Manager Operations Center could allow an authenticated attacker to enable or disable the application's REST API, which may let the attacker violate security policy.",IBM,Tivoli Storage Manager Extended Edition,4.3,MEDIUM,0.0005099999834783375,false,,false,false,false,,,false,false,,2017-02-01T20:00:00.000Z,0
CVE-2016-6045,https://securityvulnerability.io/vulnerability/CVE-2016-6045,,IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.,IBM,Tivoli Storage Manager Extended Edition,8.8,HIGH,0.0012400000123307109,false,,false,false,false,,,false,false,,2017-02-01T20:00:00.000Z,0
CVE-2016-6046,https://securityvulnerability.io/vulnerability/CVE-2016-6046,,IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.,IBM,Tivoli Storage Manager Extended Edition,5.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2017-02-01T20:00:00.000Z,0
CVE-2016-2988,https://securityvulnerability.io/vulnerability/CVE-2016-2988,,IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.4.x before 6.4.3.4 and 7.1.x before 7.1.6 allows remote authenticated users to bypass a TSM credential requirement and obtain administrative access by leveraging multiple simultaneous logins.,IBM,Tivoli Storage Manager For Virtual Environments,8.5,HIGH,0.0012799999676644802,false,,false,false,false,,,false,false,,2016-11-25T03:38:00.000Z,0
CVE-2016-5927,https://securityvulnerability.io/vulnerability/CVE-2016-5927,,"IBM Tivoli Storage Manager for Space Management (aka Spectrum Protect for Space Management) 6.3.x before 6.3.2.6, 6.4.x before 6.4.3.3, and 7.1.x before 7.1.6, when certain dsmsetpw tracing is configured, allows local users to discover an encrypted password by reading application-trace output.",IBM,Tivoli Storage Manager For Space Management,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2016-09-12T10:00:00.000Z,0
CVE-2016-3059,https://securityvulnerability.io/vulnerability/CVE-2016-3059,,IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (aka IBM Spectrum Protect for Databases) 6.3 before 6.3.1.7 and 6.4 before 6.4.1.9 and Tivoli Storage FlashCopy Manager for Microsoft SQL Server (aka IBM Spectrum Protect Snapshot) 3.1 before 3.1.1.7 and 3.2 before 3.2.1.9 allow local users to discover a cleartext SQL Server password by reading the Task List in the MMC GUI.,IBM,"Tivoli Storage Flashcopy Manager For Sql Server,Tivoli Storage Manager For Databases Data Protection For Microsoft Sql Server",6.2,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2016-08-08T01:00:00.000Z,0
CVE-2016-2894,https://securityvulnerability.io/vulnerability/CVE-2016-2894,,"IBM Spectrum Protect (formerly Tivoli Storage Manager) 5.5 through 6.3 before 6.3.2.6, 6.4 before 6.4.3.3, and 7.1 before 7.1.6 allows local users to obtain sensitive retrieved data from arbitrary accounts in opportunistic circumstances by leveraging previous use of a symlink during archive and retrieve actions.",IBM,Tivoli Storage Manager,2.5,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2016-07-03T21:00:00.000Z,0
CVE-2015-8523,https://securityvulnerability.io/vulnerability/CVE-2015-8523,,The server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to cause a denial of service (service crash) via crafted packets to a TCP port.,IBM,Tivoli Storage Manager Fastback,7.5,HIGH,0.004879999905824661,false,,false,false,false,,,false,false,,2016-04-05T17:59:00.000Z,0
CVE-2015-8522,https://securityvulnerability.io/vulnerability/CVE-2015-8522,,"Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8519, CVE-2015-8520, and CVE-2015-8521.",IBM,Tivoli Storage Manager Fastback,9.8,CRITICAL,0.8261600136756897,false,,false,false,false,,,false,false,,2016-04-05T17:59:00.000Z,0
CVE-2015-8521,https://securityvulnerability.io/vulnerability/CVE-2015-8521,,"Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8519, CVE-2015-8520, and CVE-2015-8522.",IBM,Tivoli Storage Manager Fastback,9.8,CRITICAL,0.8261600136756897,false,,false,false,false,,,false,false,,2016-04-05T17:59:00.000Z,0
CVE-2015-8519,https://securityvulnerability.io/vulnerability/CVE-2015-8519,,"Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8520, CVE-2015-8521, and CVE-2015-8522.",IBM,Tivoli Storage Manager Fastback,9.8,CRITICAL,0.8261600136756897,false,,false,false,false,,,false,false,,2016-04-05T17:59:00.000Z,0
CVE-2015-8520,https://securityvulnerability.io/vulnerability/CVE-2015-8520,,"Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8519, CVE-2015-8521, and CVE-2015-8522.",IBM,Tivoli Storage Manager Fastback,9.8,CRITICAL,0.8261600136756897,false,,false,false,false,,,false,false,,2016-04-05T17:59:00.000Z,0
CVE-2016-0213,https://securityvulnerability.io/vulnerability/CVE-2016-0213,,"Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2016-0212 and CVE-2016-0216.",IBM,Tivoli Storage Manager Fastback,9.8,CRITICAL,0.005119999870657921,false,,false,false,false,,,false,false,,2016-02-29T11:00:00.000Z,0