ibm

8,320 tracked vulnerabilities.

CVE-2020-4831 HIGH
IBM DataPower Gateway 10.0.0.0-10.0.1.0 - Use of a Broken or Risky Cryptographic Algorithm
Mar 12, 2021
CVSS 7.5
EPSS 0.01
CVE-2020-5025 HIGH
IBM DB2 9.7-11.5 - Buffer Overflow in db2fm
Mar 11, 2021
CVSS 7.8
EPSS 0.01
CVE-2020-5024 HIGH
IBM DB2 9.7-11.5 - Unauthenticated Denial of Service via SSL Handshake Hang
Mar 11, 2021
CVSS 7.5
EPSS 0.02
CVE-2020-4976 MEDIUM
IBM DB2 9.7-11.5 - Unauthenticated Arbitrary File Read and Write via Weak File Permissions
Mar 11, 2021
CVSS 4.4
EPSS 0.00
CVE-2020-5016 MEDIUM
IBM WebSphere Application Server 7.0.0.0-7.0.0.44 - Path Traversal via JAX-RPC URL Request
Mar 10, 2021
CVSS 6.5
EPSS 0.02
CVE-2020-4717 MEDIUM
IBM SPSS Modeler Subscription Installer - Arbitrary File Write via Symbolic Link
Mar 10, 2021
CVSS 5.5
EPSS 0.00
CVE-2020-5014 MEDIUM
IBM DataPower Gateway 10.0.0.0-10.0.1.0 - Authenticated Remote Code Execution via Server-Side Request Forgery
Mar 08, 2021
CVSS 6.7
EPSS 0.01
CVE-2020-4903 MEDIUM
IBM API Connect <V10, V2018 - Info Disclosure
Mar 08, 2021
CVSS 6.5
EPSS 0.01
CVE-2020-4695 HIGH
IBM API Connect 10.0.0.0-10.0.0.9 - Cleartext Transmission of Sensitive Information during Database Replication
Mar 08, 2021
CVSS 7.5
EPSS 0.01
CVE-2020-4975 MEDIUM
IBM Engineering Lifecycle Management - Stored Cross-Site Scripting
Mar 04, 2021
CVSS 5.4
EPSS 0.01
CVE-2020-4866 MEDIUM
IBM Engineering Lifecycle Management - Stored Cross-Site Scripting
Mar 04, 2021
CVSS 5.4
EPSS 0.01
CVE-2020-4863 MEDIUM
IBM Engineering Lifecycle Management - Stored Cross-Site Scripting
Mar 04, 2021
CVSS 5.4
EPSS 0.01
CVE-2020-4857 MEDIUM
IBM Engineering Lifecycle Management - Stored Cross-Site Scripting
Mar 04, 2021
CVSS 5.4
EPSS 0.01
CVE-2020-4856 MEDIUM
IBM Engineering Lifecycle Management - Stored Cross-Site Scripting
Mar 04, 2021
CVSS 5.4
EPSS 0.01
CVE-2020-4726 LOW
IBM Cloud APM <8.1.4 - Info Disclosure
Mar 02, 2021
CVSS 3.3
EPSS 0.00
CVE-2020-4725 LOW
IBM Cloud Application Performance Management 8.1.4 - Authenticated HTML Content Modification
Mar 02, 2021
CVSS 3.5
EPSS 0.01
CVE-2020-4719 MEDIUM
IBM Cloud APM 8.1.4 - DNS Query Injection via Webhook URL Configuration
Mar 02, 2021
CVSS 4.9
EPSS 0.01
CVE-2020-4931 MEDIUM
IBM MQ 9.1 LTS, 9.2 LTS, and 9.1 CD - Authenticated Denial of Service via AMQP Channel Message Processing
Feb 24, 2021
CVSS 6.5
EPSS 0.01
CVE-2020-4953 MEDIUM
IBM Planning Analytics 2.0 - Authenticated Exposure of Sensitive Information via HTTP Responses
Feb 23, 2021
CVSS 4.3
EPSS 0.01
CVE-2020-4933 MEDIUM
IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, 7.0.2 - Cross-Site Scripting
Feb 18, 2021
CVSS 5.4
EPSS 0.01
CVE-2020-4956 MEDIUM
IBM Spectrum Protect Operations Center 7.1.0.000-7.1.12.999 - Denial of Service via RPC Cache Dump
Feb 15, 2021
CVSS 4.8
EPSS 0.00
CVE-2020-4955 HIGH
IBM Spectrum Protect Operations Center - Unrestricted File Upload
Feb 15, 2021
CVSS 8.0
EPSS 0.01
CVE-2020-4954 MEDIUM
IBM Spectrum Protect Operations Center <8.1 - Auth Bypass
Feb 15, 2021
CVSS 5.4
EPSS 0.01
CVE-2020-4768 MEDIUM
IBM Business Automation Workflow 18.0-20.0 and Case Manager 5.2-5.3 - Stored Cross-Site Scripting
Feb 11, 2021
CVSS 5.4
EPSS 0.00
CVE-2020-5023 HIGH
IBM Spectrum Protect Plus 10.1.0-10.1.7 - Denial of Service via Arbitrary Data Injection
Feb 10, 2021
CVSS 7.5
EPSS 0.02