ibm

8,320 tracked vulnerabilities.

CVE-2020-4576 HIGH
IBM WebSphere App Server <9.0 - Info Disclosure
Oct 01, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-4629 LOW
IBM WebSphere Application Server 7.0-9.0 - Information Disclosure via Detailed Error Messages
Sep 30, 2020
CVSS 3.3
EPSS 0.00
CVE-2020-4607 HIGH
IBM Security Verify Privilege Vault Remote 1.2 - Security Restriction Bypass via Improper Input Validation
Sep 29, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-4727 MEDIUM
IBM InfoSphere Information Server 11.7 - CSRF
Sep 25, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-4531 MEDIUM
IBM Business Automation Workflow <20.0 - Info Disclosure
Sep 25, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-4340 MEDIUM
IBM Security Secret Server < 10.9 - SSL Security Bypass via Improper Certificate Validation
Sep 23, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-4324 MEDIUM
IBM Security Secret Server < 10.9 - Security Restriction Bypass via Improper Input Validation
Sep 23, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-4622 HIGH
IBM Data Risk Manager < 2.0.6.4 - Use of Hard-coded Credentials
Sep 22, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-4621 HIGH
IBM Data Risk Manager < 2.0.6.4 - Authenticated Privilege Escalation via Insufficient Authorization Checks
Sep 22, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-4620 HIGH
IBM Data Risk Manager < 2.0.6.4 - Authenticated Arbitrary File Upload via Improper File Extension Validation
Sep 22, 2020
CVSS 8.8
EPSS 0.05
CVE-2020-4619 MEDIUM
IBM Data Risk Manager < 2.0.6.4 - Authenticated Cleartext Storage of Sensitive Information
Sep 22, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-4618 MEDIUM
IBM Data Risk Manager < 2.0.6.4 - Denial of Service via Improper Input Validation
Sep 22, 2020
CVSS 4.9
EPSS 0.01
CVE-2020-4617 HIGH
IBM Data Risk Manager < 2.0.6.4 - Cross-Site Request Forgery
Sep 22, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-4616 MEDIUM
IBM Data Risk Manager <2.0.6 - Info Disclosure
Sep 22, 2020
CVSS 5.3
EPSS 0.02
CVE-2020-4615 MEDIUM
IBM Data Risk Manager < 2.0.6.4 - Stored Cross-Site Scripting
Sep 22, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-4614 HIGH
IBM Data Risk Manager < 2.0.6.4 - Use of a Broken or Risky Cryptographic Algorithm
Sep 22, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-4613 HIGH
IBM Data Risk Manager < 2.0.6.4 - Use of a Broken or Risky Cryptographic Algorithm
Sep 22, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-4612 MEDIUM
IBM Data Risk Manager <2.0.6 - Info Disclosure
Sep 22, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-4611 HIGH
IBM Data Risk Mgr <2.0.6 - Privilege Escalation
Sep 22, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-4643 HIGH
IBM WebSphere Application Server 7.0.0.0-7.0.0.45 - XML External Entity Injection
Sep 21, 2020
CVSS 7.5
EPSS 0.03
CVE-2020-4731 MEDIUM
IBM Aspera Shares < 1.9.14 - Cross-Site Scripting
Sep 21, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-4590 MEDIUM
IBM WebSphere Liberty 17.0.0.3-20.0.0.9 DoS via OAuth 2.0/OpenID
Sep 21, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-4581 HIGH
IBM DataPower Gateway 2018.4.1.0-2018.4.1.12 - Denial of Service via Chunked Transfer-Encoding HTTP/2 Request
Sep 21, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-4580 HIGH
IBM DataPower Gateway 2018.4.1.0-2018.4.1.12 - Denial of Service via JSON Request with Invalid Characters
Sep 21, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-4579 HIGH
IBM DataPower Gateway 2018.4.1.0-2018.4.1.12 - Denial of Service via HTTP/2 Request with Invalid Characters
Sep 21, 2020
CVSS 7.5
EPSS 0.02