ibm
8,320 tracked vulnerabilities.
CVE-2020-4576
HIGH
IBM WebSphere App Server <9.0 - Info Disclosure
Oct 01, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-4629
LOW
IBM WebSphere Application Server 7.0-9.0 - Information Disclosure via Detailed Error Messages
Sep 30, 2020
CVSS 3.3
EPSS 0.00
CVE-2020-4607
HIGH
IBM Security Verify Privilege Vault Remote 1.2 - Security Restriction Bypass via Improper Input Validation
Sep 29, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-4727
MEDIUM
IBM InfoSphere Information Server 11.7 - CSRF
Sep 25, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-4531
MEDIUM
IBM Business Automation Workflow <20.0 - Info Disclosure
Sep 25, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-4340
MEDIUM
IBM Security Secret Server < 10.9 - SSL Security Bypass via Improper Certificate Validation
Sep 23, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-4324
MEDIUM
IBM Security Secret Server < 10.9 - Security Restriction Bypass via Improper Input Validation
Sep 23, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-4622
HIGH
IBM Data Risk Manager < 2.0.6.4 - Use of Hard-coded Credentials
Sep 22, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-4621
HIGH
IBM Data Risk Manager < 2.0.6.4 - Authenticated Privilege Escalation via Insufficient Authorization Checks
Sep 22, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-4620
HIGH
IBM Data Risk Manager < 2.0.6.4 - Authenticated Arbitrary File Upload via Improper File Extension Validation
Sep 22, 2020
CVSS 8.8
EPSS 0.05
CVE-2020-4619
MEDIUM
IBM Data Risk Manager < 2.0.6.4 - Authenticated Cleartext Storage of Sensitive Information
Sep 22, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-4618
MEDIUM
IBM Data Risk Manager < 2.0.6.4 - Denial of Service via Improper Input Validation
Sep 22, 2020
CVSS 4.9
EPSS 0.01
CVE-2020-4617
HIGH
IBM Data Risk Manager < 2.0.6.4 - Cross-Site Request Forgery
Sep 22, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-4616
MEDIUM
IBM Data Risk Manager <2.0.6 - Info Disclosure
Sep 22, 2020
CVSS 5.3
EPSS 0.02
CVE-2020-4615
MEDIUM
IBM Data Risk Manager < 2.0.6.4 - Stored Cross-Site Scripting
Sep 22, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-4614
HIGH
IBM Data Risk Manager < 2.0.6.4 - Use of a Broken or Risky Cryptographic Algorithm
Sep 22, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-4613
HIGH
IBM Data Risk Manager < 2.0.6.4 - Use of a Broken or Risky Cryptographic Algorithm
Sep 22, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-4612
MEDIUM
IBM Data Risk Manager <2.0.6 - Info Disclosure
Sep 22, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-4611
HIGH
IBM Data Risk Mgr <2.0.6 - Privilege Escalation
Sep 22, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-4643
HIGH
IBM WebSphere Application Server 7.0.0.0-7.0.0.45 - XML External Entity Injection
Sep 21, 2020
CVSS 7.5
EPSS 0.03
CVE-2020-4731
MEDIUM
IBM Aspera Shares < 1.9.14 - Cross-Site Scripting
Sep 21, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-4590
MEDIUM
IBM WebSphere Liberty 17.0.0.3-20.0.0.9 DoS via OAuth 2.0/OpenID
Sep 21, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-4581
HIGH
IBM DataPower Gateway 2018.4.1.0-2018.4.1.12 - Denial of Service via Chunked Transfer-Encoding HTTP/2 Request
Sep 21, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-4580
HIGH
IBM DataPower Gateway 2018.4.1.0-2018.4.1.12 - Denial of Service via JSON Request with Invalid Characters
Sep 21, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-4579
HIGH
IBM DataPower Gateway 2018.4.1.0-2018.4.1.12 - Denial of Service via HTTP/2 Request with Invalid Characters
Sep 21, 2020
CVSS 7.5
EPSS 0.02
Products
websphere_application_server 465
aix 400
db2 339
rational_quality_manager 202
sterling_b2b_integrator 195
qradar_security_information_and_event_manager 190
infosphere_information_server 189
maximo_asset_management 182
rational_doors_next_generation 153
rational_team_concert 142
rational_collaborative_lifecycle_management 141
rational_engineering_lifecycle_manager 141
websphere_portal 126
security_guardium 112
cognos_analytics 104
sterling_file_gateway 93
vios 92
rational_rhapsody_design_manager 90
security_verify_access 90
websphere_mq 89
business_process_manager 88
lotus_domino 86
api_connect 81
rational_software_architect_design_manager 81
lotus_notes 71
security_key_lifecycle_manager 70
db2_universal_database 66
concert 65
i 65
smartcloud_control_desk 65
Quick Filters