ibm

8,286 tracked vulnerabilities.

CVE-2025-2134 LOW
IBM Jazz Reporting Service - Authenticated Denial of Service via Complicated Queries
Feb 04, 2026
CVSS 3.5
EPSS 0.00
CVE-2025-27550 LOW
IBM Jazz Reporting Service - Info Disclosure
Feb 04, 2026
CVSS 3.5
EPSS 0.00
CVE-2025-1823 LOW
IBM Jazz Reporting Service - Authenticated Denial of Service via SQL Query Memory Exhaustion
Feb 04, 2026
CVSS 3.5
EPSS 0.00
CVE-2025-13375 CRITICAL
IBM CCA 7.5.52-8.4.82 - Privilege Escalation
Feb 04, 2026
CVSS 9.8
EPSS 0.01
CVE-2025-36094 MEDIUM
IBM Cloud Pak for Business Automation <25.0.0-24.0.1 - DoS
Feb 03, 2026
CVSS 5.4
EPSS 0.00
CVE-2025-36033 MEDIUM
IBM Engineering Lifecycle Management - XSS
Feb 03, 2026
CVSS 5.4
EPSS 0.00
CVE-2025-33081 LOW
IBM Concert <2.1.0 - Info Disclosure
Feb 03, 2026
CVSS 3.3
EPSS 0.00
CVE-2025-36436 MEDIUM
IBM Cloud Pak for Business Automation <25.0.0-24.0.1 - XSS
Feb 02, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-36253 MEDIUM
IBM Concert <2.1.0 - Info Disclosure
Feb 02, 2026
CVSS 5.9
EPSS 0.00
CVE-2025-36238 MEDIUM
IBM PowerVM Hypervisor - Info Disclosure
Feb 02, 2026
CVSS 6.0
EPSS 0.00
CVE-2025-36194 LOW
IBM PowerVM Hypervisor - Info Disclosure
Feb 02, 2026
CVSS 2.8
EPSS 0.00
CVE-2025-13096 HIGH
IBM Business Automation Workflow < 24.0.0 - XML External Entity Injection
Feb 02, 2026
CVSS 7.1
EPSS 0.00
CVE-2025-15395 MEDIUM
IBM Jazz Foundation 7.0.3-7.0.3 iFix019 and 7.1.0-7.1.0 iFix005 - Incorrect Authorization
Feb 02, 2026
CVSS 4.3
EPSS 0.00
CVE-2025-14914 HIGH
IBM WebSphere Liberty 17.0.0.3-26.0.0.1 Path Traversal & Arbitrary File Write via Zip Upload
Feb 02, 2026
CVSS 7.6
EPSS 0.00
CVE-2025-36442 MEDIUM
IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.3 - Denial of Service via Crafted Query with XML Columns
Jan 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-36428 MEDIUM
IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.3 - Authenticated Denial of Service via RPSCAN Feature
Jan 30, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-36427 MEDIUM
IBM Db2 11.5.0-11.5.8 - Denial of Service via Insufficient Data Query Validation
Jan 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-36424 MEDIUM
IBM Db2 11.5.0-11.5.8 - Denial of Service via Improper Data Query Logic Neutralization
Jan 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-36423 MEDIUM
IBM Db2 12.1.0-12.1.3 - Denial of Service via Data Query Logic
Jan 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-36407 MEDIUM
IBM Db2 11.5.0-11.5.8 - Denial of Service via ALTER TABLE Query
Jan 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-36387 MEDIUM
IBM Db2 11.5.0-11.5.9 - Authenticated Denial of Service via Crafted Query
Jan 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-36384 HIGH
IBM Db2 for Windows <12.1.3 - Privilege Escalation
Jan 30, 2026
CVSS 8.4
EPSS 0.00
CVE-2025-36366 MEDIUM
IBM Db2 11.5.0-11.5.8 - Denial of Service via JSON_Object Scalar Function
Jan 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-36365 MEDIUM
IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.3 - Authenticated Authorization Bypass via Cataloged Remote Storage Alias
Jan 30, 2026
CVSS 6.8
EPSS 0.00
CVE-2025-36353 MEDIUM
IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.3 - Denial of Service via Data Query Logic
Jan 30, 2026
CVSS 6.2
EPSS 0.00