ibm

8,320 tracked vulnerabilities.

CVE-2020-4757 MEDIUM
IBM Content Navigator 3.0.CD - Stored Cross-Site Scripting
Dec 21, 2020
CVSS 6.4
EPSS 0.01
CVE-2020-4555 MEDIUM
IBM Financial Transaction Manager <3.1.0 - Privilege Escalation
Dec 21, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-4764 MEDIUM
IBM Planning Analytics 2.0 - Cross-Site Request Forgery
Dec 18, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-4846 LOW
IBM Security Key Lifecycle Manager 3.0.1-3.0.1.5 - Sensitive Information Exposure via Error Message
Dec 17, 2020
CVSS 2.7
EPSS 0.01
CVE-2020-4845 MEDIUM
IBM Security Key Lifecycle Manager 3.0.1-3.0.1.5 - Cross-Site Scripting
Dec 17, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-4908 MEDIUM
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 - Information Exposure via Login Dialog
Dec 16, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-4907 MEDIUM
IBM Financial Transaction Manager for SWIFT Services 3.2.4 - Sensitive Information Exposure
Dec 16, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-4906 LOW
IBM Financial Transaction Manager - Info Disclosure
Dec 16, 2020
CVSS 3.3
EPSS 0.00
CVE-2020-4905 MEDIUM
IBM Financial Transaction Manager - Info Disclosure
Dec 16, 2020
CVSS 5.9
EPSS 0.01
CVE-2020-4904 MEDIUM
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 - Cross-Site Request Forgery
Dec 16, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-4658 MEDIUM
IBM Sterling File Gateway 2.2.0.0-6.0.3.2 - Stored Cross-Site Scripting in Web UI
Dec 16, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-4657 MEDIUM
IBM Sterling B2B Integrator 5.2.0.0-6.0.3.2 - Cross-Site Scripting in Web UI
Dec 16, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-4849 MEDIUM
IBM Tivoli Netcool Impact 7.1.0.0-7.1.0.19 - Open Redirect via Reverse Tabnabbing
Dec 15, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-4747 CRITICAL
IBM Connect:Direct for UNIX 6.1.0, 6.0.0, 4.3.0, and 4.2.0 - Improper Authentication
Dec 15, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-4633 HIGH
IBM Resilient SOAR V38.0 - Code Injection
Dec 11, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-4829 HIGH
IBM AIX <7.2 - Privilege Escalation
Dec 10, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-4900 MEDIUM
IBM Business Automation Workflow 19.0.0.3 - Sensitive Information Exposure in Log Files
Nov 30, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-4696 MEDIUM
IBM Cloud Pak for Security 1.3.0.1 - Insufficient Session Expiration
Nov 30, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-4627 CRITICAL
IBM Cloud Pak for Security <1.3.0.1 - Command Injection
Nov 30, 2020
CVSS 9.0
EPSS 0.02
CVE-2020-4626 MEDIUM
IBM Cloud Pak for Security <1.3.0.1 - Info Disclosure
Nov 30, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-4625 MEDIUM
IBM Cloud Pak for Security 1.3.0.1 - Sensitive Information Exposure via Missing HTTPOnly Flag
Nov 30, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-4624 MEDIUM
IBM Cloud Pak for Security 1.3.0.1 - Use of a Broken or Risky Cryptographic Algorithm
Nov 30, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-4854 CRITICAL
IBM Spectrum Protect Plus 10.1.0-10.1.6 - Use of Hard-coded Credentials
Nov 23, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-4783 MEDIUM
IBM Spectrum Protect Plus 10.1.0-10.1.6 - Information Disclosure via Missing HSTS Enforcement
Nov 23, 2020
CVSS 5.9
EPSS 0.01
CVE-2020-4771 MEDIUM
IBM Spectrum Protect Operations Center 7.1.0.000-7.1.11 - Sensitive Information Exposure via WebSocket
Nov 23, 2020
CVSS 5.3
EPSS 0.02