ibm

8,320 tracked vulnerabilities.

CVE-2020-4466 MEDIUM
IBM MQ for HPE NonStop 8.0.4 and 8.1.0 - Authenticated Denial of Service in Queue Processing Function
Jul 20, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-4361 MEDIUM
IBM Planning Analytics 2.0 - Unauthorized Sensitive Information Exposure via HTTP Response
Jul 20, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-4464 HIGH
IBM WebSphere Application Server 7.0.0.0-7.0.0.44 - Remote Code Execution via SOAP Connector Deserialization
Jul 17, 2020
CVSS 8.8
EPSS 0.13
CVE-2020-4462 HIGH
IBM Sterling External Authentication Server and Sterling Secure Proxy - XML External Entity Injection
Jul 16, 2020
CVSS 8.2
EPSS 0.03
CVE-2020-4316 MEDIUM
IBM Publishing Engine <7.0 - Open Redirect
Jul 16, 2020
CVSS 4.7
EPSS 0.01
CVE-2020-4513 MEDIUM
IBM QRadar SIEM 7.3-7.4 - Stored Cross-Site Scripting
Jul 14, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-4512 HIGH
IBM QRadar SIEM 7.3-7.4 - Authenticated Remote Command Execution
Jul 14, 2020
CVSS 7.2
EPSS 0.02
CVE-2020-4511 MEDIUM
IBM QRadar SIEM 7.3-7.4 - Authenticated Denial of Service via Malformed Sflow Command
Jul 14, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-4510 MEDIUM
IBM QRadar SIEM 7.3-7.4 - XML External Entity Injection
Jul 14, 2020
CVSS 5.5
EPSS 0.02
CVE-2020-4364 MEDIUM
IBM QRadar SIEM 7.3-7.4 - Stored Cross-Site Scripting
Jul 14, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-4305 HIGH
IBM InfoSphere Information Server 11.3, 11.5, 11.7 - Remote Code Execution via Untrusted Data Deserialization
Jul 09, 2020
CVSS 8.8
EPSS 0.05
CVE-2020-4173 MEDIUM
IBM Guardium Activity Insights <11.0 - Open Redirect
Jul 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-4420 HIGH
IBM DB2 9.7, 10.1, 10.5, 11.1, 11.5 - Unauthenticated Denial of Service via Terminate Command Hang
Jul 01, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-4414 MEDIUM
IBM DB2 9.7, 10.1, 10.5, 11.1, 11.5 - Unauthorized Actions via Shared Memory
Jul 01, 2020
CVSS 4.4
EPSS 0.00
CVE-2020-4387 MEDIUM
IBM DB2 9.7, 10.1, 10.5, 11.1, 11.5 - Sensitive Information Exposure via Symbolic Link Race Condition
Jul 01, 2020
CVSS 4.7
EPSS 0.00
CVE-2020-4386 MEDIUM
IBM DB2 9.7, 10.1, 10.5, 11.1, 11.5 - Sensitive Information Exposure via Symbolic Link Race Condition
Jul 01, 2020
CVSS 4.7
EPSS 0.00
CVE-2020-4376 MEDIUM
IBM MQ for HPE NonStop 8.0.4 and 8.1.0 - Denial of Service in PubSub Logic
Jul 01, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-4363 HIGH
IBM DB2 9.7, 10.1, 10.5, 11.1, 11.5 - Buffer Overflow
Jul 01, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-4355 MEDIUM
IBM DB2 9.7, 10.1, 10.5, 11.1, 11.5 - Denial of Service via SSL Renegotiation Requests
Jul 01, 2020
CVSS 5.3
EPSS 0.02
CVE-2020-4557 MEDIUM
IBM Business Automation Workflow 18.0, 19.0, 20.0 and Business Process Manager 8.5, 8.6 - Cross-Site Scripting
Jun 29, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-4452 HIGH
IBM API Connect 2018.4.1.0-2018.4.1.11 - Use of a Broken or Risky Cryptographic Algorithm
Jun 29, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-4565 MEDIUM
IBM Spectrum Protect Plus 10.1.0-10.1.5 - Exposure of Sensitive Information via Insecure Communications
Jun 26, 2020
CVSS 5.9
EPSS 0.01
CVE-2020-4223 MEDIUM
IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 - Cross-Site Scripting
Jun 26, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-4413 MEDIUM
IBM Security Secret Server < 10.8 - Sensitive Information Exposure via Missing HSTS Enforcement
Jun 24, 2020
CVSS 5.9
EPSS 0.01
CVE-2020-4342 MEDIUM
IBM Security Secret Server 10.7 - Info Disclosure
Jun 24, 2020
CVSS 5.3
EPSS 0.01