ibm

8,320 tracked vulnerabilities.

CVE-2020-4945 HIGH
IBM Db2 11.5 - Authenticated Arbitrary File Write via Improper Group Permissions
Jun 24, 2021
CVSS 8.1
EPSS 0.01
CVE-2020-4885 MEDIUM
IBM Db2 - Improper Link Resolution Before File Access via Symbolic Link Race Condition
Jun 24, 2021
CVSS 4.7
EPSS 0.00
CVE-2020-5000 MEDIUM
IBM Financial Transaction Manager 3.2.0-3.2.8 - Cross-Site Scripting
Jun 15, 2021
CVSS 5.4
EPSS 0.00
CVE-2020-5003 CRITICAL
IBM Financial Transaction Manager 3.2.4 - XML External Entity Injection
Jun 11, 2021
CVSS 9.1
EPSS 0.02
CVE-2020-5008 MEDIUM
IBM DataPower Gateway 10.0.0.0-10.0.1.0 & 2018.4.1.0-2018.4.1.14 - Sensitive Info in GET Requests
Jun 07, 2021
CVSS 5.3
EPSS 0.01
CVE-2020-5030 MEDIUM
IBM Jazz Foundation and Engineering Products - Stored Cross-Site Scripting
Jun 02, 2021
CVSS 5.4
EPSS 0.00
CVE-2020-4977 MEDIUM
IBM Engineering Lifecycle Optimization - Publishing - Stored Cross-Site Scripting
Jun 02, 2021
CVSS 5.4
EPSS 0.00
CVE-2020-4732 MEDIUM
IBM Jazz Foundation - Info Disclosure
Jun 02, 2021
CVSS 6.5
EPSS 0.01
CVE-2020-4495 HIGH
IBM Jazz Foundation and Engineering Products - Unauthenticated Privilege Escalation via REST API
Jun 02, 2021
CVSS 8.8
EPSS 0.03
CVE-2020-4561 CRITICAL
IBM Cognos Analytics <11.1 - Info Disclosure
Jun 01, 2021
CVSS 10.0
EPSS 0.03
CVE-2020-4520 HIGH
IBM Cognos Analytics 11.0 and 11.1 - Stored Cross-Site Scripting
Jun 01, 2021
CVSS 8.8
EPSS 0.03
CVE-2020-4354 MEDIUM
IBM Cognos Analytics 11.0 and 11.1 - Cross-Site Scripting
Jun 01, 2021
CVSS 5.4
EPSS 0.01
CVE-2020-4300 HIGH
IBM Cognos Analytics 11.0 and 11.1 - XML External Entity Injection
Jun 01, 2021
CVSS 8.2
EPSS 0.04
CVE-2020-4839 MEDIUM
IBM Host Firmware for LC-class Systems - Stack-Based Buffer Overflow
May 25, 2021
CVSS 4.9
EPSS 0.02
CVE-2020-4990 HIGH
IBM Security Guardium 11.2 - SQL Injection
May 24, 2021
CVSS 8.8
EPSS 0.01
CVE-2020-4850 HIGH
IBM Spectrum Scale <1.1.8.4 - Info Disclosure
May 20, 2021
CVSS 7.5
EPSS 0.01
CVE-2020-4765 LOW
IBM Cloud Pak for Multicloud Management <2.3 - Info Disclosure
May 19, 2021
CVSS 3.3
EPSS 0.00
CVE-2020-4646 MEDIUM
IBM Sterling B2B Integrator - Info Disclosure
May 19, 2021
CVSS 4.3
EPSS 0.01
CVE-2020-4670 CRITICAL
IBM Planning Analytics Local 2.0 - Unauthenticated Redis Server Access
May 17, 2021
CVSS 9.1
EPSS 0.02
CVE-2020-4669 CRITICAL
IBM Planning Analytics Local 2.0 - Unauthenticated Database Access via MongoDB
May 17, 2021
CVSS 9.1
EPSS 0.02
CVE-2020-4985 HIGH
IBM Planning Analytics Local 2.0 - Info Disclosure
May 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2020-4811 LOW
IBM Cloud Pak for Security 1.4.0.0-1.6.0.1 Authenticated Data Injection
May 14, 2021
CVSS 2.4
EPSS 0.01
CVE-2020-4536 MEDIUM
IBM OpenPages GRC Platform 8.0.0.0-8.1.0.1 - Sensitive Information Exposure via Error Message
May 11, 2021
CVSS 4.3
EPSS 0.01
CVE-2020-4535 MEDIUM
IBM OpenPages GRC Platform 8.0.0.0-8.1.0.1 - Cross-Site Scripting
May 11, 2021
CVSS 5.4
EPSS 0.00
CVE-2020-4901 MEDIUM
IBM Robotic Process Automation 11.0 - Info Disclosure & DoS via Username Enumeration
May 07, 2021
CVSS 6.5
EPSS 0.01