ibm

8,320 tracked vulnerabilities.

CVE-2020-4895 MEDIUM
IBM Emptoris Strategic Supply Management 10.1.0-10.1.0.38 - Stored Cross-Site Scripting
Jan 07, 2021
CVSS 5.4
EPSS 0.01
CVE-2020-4893 MEDIUM
IBM Emptoris Strategic Supply Management 10.1.0-10.1.0.38 - Cleartext Transmission of Sensitive Information
Jan 07, 2021
CVSS 5.9
EPSS 0.01
CVE-2020-4892 MEDIUM
IBM Emptoris Contract Management 10.1.3.0-10.1.3.29 - Stored Cross-Site Scripting
Jan 07, 2021
CVSS 5.4
EPSS 0.01
CVE-2020-4336 MEDIUM
IBM WebSphere eXtreme Scale 8.6.1.0-8.6.1.3 - Exposure of Sensitive Information via URL Parameters
Jan 06, 2021
CVSS 5.3
EPSS 0.01
CVE-2020-4899 CRITICAL
IBM API Connect 5.0.0.0-5.0.8.10 - Cleartext Transmission of Sensitive Information
Jan 05, 2021
CVSS 9.1
EPSS 0.01
CVE-2020-4762 HIGH
IBM Sterling B2B Integrator - Privilege Escalation
Jan 05, 2021
CVSS 8.8
EPSS 0.01
CVE-2020-4761 MEDIUM
IBM Sterling B2B Integrator 5.2.0.0-5.2.6.5_2, 6.0.0.0-6.0.3.2, 6.1.0.0 - Sensitive Info Exposure via Error
Jan 05, 2021
CVSS 5.3
EPSS 0.01
CVE-2020-4942 HIGH
IBM Curam Social Program Management 7.0.9 and 7.0.11 - Cross-Site Request Forgery
Jan 04, 2021
CVSS 8.8
EPSS 0.01
CVE-2020-4928 MEDIUM
IBM Cloud Pak System 2.3.0.0-2.3.3.2 - Arbitrary File Upload via File Extension Manipulation
Jan 04, 2021
CVSS 6.7
EPSS 0.00
CVE-2020-4919 LOW
IBM Cloud Pak System <2.3 - Privilege Escalation
Jan 04, 2021
CVSS 3.8
EPSS 0.01
CVE-2020-4918 MEDIUM
IBM Cloud Pak System 2.3.0.0-2.3.3.2 - Sensitive Information Disclosure via Insecure Direct Object Reference
Jan 04, 2021
CVSS 4.4
EPSS 0.00
CVE-2020-4917 HIGH
IBM Cloud Pak System 2.3.0.0-2.3.3.2 - Cross-Site Request Forgery
Jan 04, 2021
CVSS 8.8
EPSS 0.00
CVE-2020-4916 MEDIUM
IBM Cloud Pak System 2.3.0.0-2.3.3.2 - Cross-Site Scripting in Web UI
Jan 04, 2021
CVSS 4.8
EPSS 0.01
CVE-2020-4913 MEDIUM
IBM Cloud Pak System 2.3.0.0-2.3.3.2 - Credential Exposure to Local Privileged User
Jan 04, 2021
CVSS 4.4
EPSS 0.00
CVE-2020-4912 HIGH
IBM Cloud Pak System 2.3.0.0-2.3.3.2 - Privilege Escalation via User Request URL Capture
Jan 04, 2021
CVSS 7.2
EPSS 0.01
CVE-2020-4910 MEDIUM
IBM Cloud Pak System 2.3.0.0-2.3.3.2 - Cross-Site Scripting in Web UI
Jan 04, 2021
CVSS 4.8
EPSS 0.01
CVE-2020-4909 MEDIUM
IBM Cloud Pak System 2.3.0.0-2.3.3.2 - Cross-Site Scripting
Jan 04, 2021
CVSS 4.8
EPSS 0.01
CVE-2020-4642 MEDIUM
IBM DB2 9.7, 10.1, 10.5, 11.1, 11.5 - Denial of Service in DB2 Management Service
Dec 23, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-4988 CRITICAL
IBM Loopback 8.0.0 - Denial of Service via JavaScript Value Manipulation
Dec 21, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-4870 HIGH
IBM MQ 9.2 CD and LTS - Denial of Service via Connecting Application Processing
Dec 21, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-4843 MEDIUM
IBM Security Secret Server 10.6 - Authenticated Sensitive Information Exposure via Config Files
Dec 21, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-4842 MEDIUM
IBM Security Secret Server 10.6 - Sensitive Information Exposure via Error Message
Dec 21, 2020
CVSS 4.9
EPSS 0.01
CVE-2020-4841 MEDIUM
IBM Security Secret Server 10.6 - Missing Authorization
Dec 21, 2020
CVSS 5.9
EPSS 0.01
CVE-2020-4840 MEDIUM
IBM Security Secret Server 10.6 - Open Redirect
Dec 21, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-4794 MEDIUM
IBM Automation Workstream Services 19.0.3, 20.0.1-20.0.2 - Authenticated Information Disclosure and Denial of Service
Dec 21, 2020
CVSS 5.4
EPSS 0.01