ibm
8,320 tracked vulnerabilities.
CVE-2020-4757
MEDIUM
IBM Content Navigator 3.0.CD - Stored Cross-Site Scripting
Dec 21, 2020
CVSS 6.4
EPSS 0.01
CVE-2020-4555
MEDIUM
IBM Financial Transaction Manager <3.1.0 - Privilege Escalation
Dec 21, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-4764
MEDIUM
IBM Planning Analytics 2.0 - Cross-Site Request Forgery
Dec 18, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-4846
LOW
IBM Security Key Lifecycle Manager 3.0.1-3.0.1.5 - Sensitive Information Exposure via Error Message
Dec 17, 2020
CVSS 2.7
EPSS 0.01
CVE-2020-4845
MEDIUM
IBM Security Key Lifecycle Manager 3.0.1-3.0.1.5 - Cross-Site Scripting
Dec 17, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-4908
MEDIUM
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 - Information Exposure via Login Dialog
Dec 16, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-4907
MEDIUM
IBM Financial Transaction Manager for SWIFT Services 3.2.4 - Sensitive Information Exposure
Dec 16, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-4906
LOW
IBM Financial Transaction Manager - Info Disclosure
Dec 16, 2020
CVSS 3.3
EPSS 0.00
CVE-2020-4905
MEDIUM
IBM Financial Transaction Manager - Info Disclosure
Dec 16, 2020
CVSS 5.9
EPSS 0.01
CVE-2020-4904
MEDIUM
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 - Cross-Site Request Forgery
Dec 16, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-4658
MEDIUM
IBM Sterling File Gateway 2.2.0.0-6.0.3.2 - Stored Cross-Site Scripting in Web UI
Dec 16, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-4657
MEDIUM
IBM Sterling B2B Integrator 5.2.0.0-6.0.3.2 - Cross-Site Scripting in Web UI
Dec 16, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-4849
MEDIUM
IBM Tivoli Netcool Impact 7.1.0.0-7.1.0.19 - Open Redirect via Reverse Tabnabbing
Dec 15, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-4747
CRITICAL
IBM Connect:Direct for UNIX 6.1.0, 6.0.0, 4.3.0, and 4.2.0 - Improper Authentication
Dec 15, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-4633
HIGH
IBM Resilient SOAR V38.0 - Code Injection
Dec 11, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-4829
HIGH
IBM AIX <7.2 - Privilege Escalation
Dec 10, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-4900
MEDIUM
IBM Business Automation Workflow 19.0.0.3 - Sensitive Information Exposure in Log Files
Nov 30, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-4696
MEDIUM
IBM Cloud Pak for Security 1.3.0.1 - Insufficient Session Expiration
Nov 30, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-4627
CRITICAL
IBM Cloud Pak for Security <1.3.0.1 - Command Injection
Nov 30, 2020
CVSS 9.0
EPSS 0.02
CVE-2020-4626
MEDIUM
IBM Cloud Pak for Security <1.3.0.1 - Info Disclosure
Nov 30, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-4625
MEDIUM
IBM Cloud Pak for Security 1.3.0.1 - Sensitive Information Exposure via Missing HTTPOnly Flag
Nov 30, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-4624
MEDIUM
IBM Cloud Pak for Security 1.3.0.1 - Use of a Broken or Risky Cryptographic Algorithm
Nov 30, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-4854
CRITICAL
IBM Spectrum Protect Plus 10.1.0-10.1.6 - Use of Hard-coded Credentials
Nov 23, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-4783
MEDIUM
IBM Spectrum Protect Plus 10.1.0-10.1.6 - Information Disclosure via Missing HSTS Enforcement
Nov 23, 2020
CVSS 5.9
EPSS 0.01
CVE-2020-4771
MEDIUM
IBM Spectrum Protect Operations Center 7.1.0.000-7.1.11 - Sensitive Information Exposure via WebSocket
Nov 23, 2020
CVSS 5.3
EPSS 0.02
Products
websphere_application_server 465
aix 400
db2 339
rational_quality_manager 202
sterling_b2b_integrator 195
qradar_security_information_and_event_manager 190
infosphere_information_server 189
maximo_asset_management 182
rational_doors_next_generation 153
rational_team_concert 142
rational_collaborative_lifecycle_management 141
rational_engineering_lifecycle_manager 141
websphere_portal 126
security_guardium 112
cognos_analytics 104
sterling_file_gateway 93
vios 92
rational_rhapsody_design_manager 90
security_verify_access 90
websphere_mq 89
business_process_manager 88
lotus_domino 86
api_connect 81
rational_software_architect_design_manager 81
lotus_notes 71
security_key_lifecycle_manager 70
db2_universal_database 66
concert 65
i 65
smartcloud_control_desk 65
Quick Filters