Maximo CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (220 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2012-3323	1 Ibm	1 Maximo Asset Management	2025-04-11	N/A
IBM Maximo Asset Management 6.2 before 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.3 allows remote attackers to gain privileges via unspecified vectors.
CVE-2012-3316	1 Ibm	7 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 4 more	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in the Tivoli Process Automation Engine (TPAE) in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2, and SmartCloud Control Desk 7.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-3322	1 Ibm	7 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 4 more	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2, and SmartCloud Control Desk 7.5 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to a display name.
CVE-2012-3326	1 Ibm	6 Change And Configuration Management Database, Maximo Asset Management, Maximo Service Desk and 3 more	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-3327	1 Ibm	7 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 4 more	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2, and SmartCloud Control Desk 7.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to a login action.
CVE-2012-3328	1 Ibm	5 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 2 more	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1, Maximo Asset Management Essentials 7.1, Tivoli Asset Management for IT 7.1 and 7.2, Tivoli Service Request Manager 7.1 and 7.2, and Change and Configuration Management Database (CCMDB) 7.1 and 7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to a hidden frame footer.
CVE-2012-6355	1 Ibm	7 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 4 more	2025-04-11	N/A
IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2, and SmartCloud Control Desk 7.5 allow remote authenticated users to gain privileges via vectors related to a work order.
CVE-2012-6356	1 Ibm	3 Maximo Asset Management, Maximo Asset Management Essentials, Smartcloud Control Desk	2025-04-11	N/A
IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allow remote authenticated users to gain privileges via vectors related to an import operation.
CVE-2011-1394	1 Ibm	6 Maximo Asset Management, Maximo Asset Management Essentials, Maximo Service Desk and 3 more	2025-04-11	N/A
IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management Database (CCMDB) 6.2, 7.1, and 7.2 allow remote attackers to cause a denial of service (memory consumption) by establishing many UI sessions within one HTTP session.
CVE-2013-0451	1 Ibm	1 Maximo Asset Management	2025-04-11	N/A
SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8 and 7.1 through 7.1.1.12 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-0457	1 Ibm	3 Maximo Asset Management, Maximo Asset Management Essentials, Smartcloud Control Desk	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to a uisessionid.
CVE-2013-3047	1 Ibm	1 Maximo Asset Management	2025-04-11	N/A
IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to gain privileges via unspecified vectors.
CVE-2013-3048	1 Ibm	1 Maximo Asset Management	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-3049	1 Ibm	1 Maximo Asset Management	2025-04-11	N/A
IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-3971.
CVE-2013-3971	1 Ibm	1 Maximo Asset Management	2025-04-11	N/A
IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-3049.
CVE-2013-3972	1 Ibm	1 Maximo Asset Management	2025-04-11	N/A
IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVE-2013-3973	1 Ibm	1 Maximo Asset Management	2025-04-11	N/A
SQL injection vulnerability in IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-4013	1 Ibm	1 Maximo Asset Management	2025-04-11	N/A
IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.2 allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2013-4014	1 Ibm	1 Maximo Asset Management	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-4017	1 Ibm	1 Maximo Asset Management	2025-04-11	N/A
SQL injection vulnerability in IBM Maximo Asset Management 7.1 before 7.1.1.12 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

« first previous Page 6 of 11. next last »