Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / ibm

ibm

8,153 tracked vulnerabilities.

CVE-2025-1826 MEDIUM

IBM Engineering Requirements Management DOORS Next 7.0.2-7.1.0 - XSS

CVE-2025-36356 CRITICAL

IBM Security Verify Access <11.0.1.0 - Privilege Escalation

CVE-2025-36355 HIGH

IBM Security Verify Access <11.0.2 - RCE

CVE-2025-36354 HIGH

IBM Security Verify Access 10.0.0.0-10.0.9.0 and 11.0.0.0-11.0.1.0 - Unauthenticated OS Command Injection

CVE-2025-36262 MEDIUM

IBM Planning Analytics Local <2.0.106, <2.1.13 - Info Disclosure

CVE-2025-36132 MEDIUM

IBM Planning Analytics Local 2.0.0-2.0.106 and 2.1.0-2.1.13 - Authenticated Stored Cross-Site Scripting

CVE-2025-36245 HIGH

IBM InfoSphere Information Server 11.7.0.0-11.7.1.6 - Authenticated OS Command Injection

CVE-2025-36099 MEDIUM

IBM WebSphere Application Server 8.5 and 9.0 - Denial of Service via Crafted Request

CVE-2025-36352 MEDIUM

IBM License Metric Tool 9.2.0-9.2.40 - Authenticated Stored Cross-Site Scripting

CVE-2025-36351 MEDIUM

IBM License Metric Tool 9.2.0-9.2.40 - Authenticated Access Control Bypass in REST API

CVE-2025-36239 MEDIUM

IBM Storage TS4500 Library 1.11.0.0 and 2.11.0.0 - Unauthenticated Cross-Site Scripting

CVE-2025-36144 LOW

IBM watsonx.data 2.2 - Sensitive Information Exposure in Log Files

CVE-2025-36326 LOW

IBM Cognos Controller <11.0.1 - Info Disclosure

CVE-2025-36274 HIGH

IBM Aspera HTTP Gateway 2.0.0-2.3.1 - Unauthenticated Cleartext Transmission of Sensitive Information

CVE-2025-33116 MEDIUM

IBM Watson Studio 4.0-5.2.0 - Authenticated Stored Cross-Site Scripting

CVE-2025-36064 MEDIUM

IBM Sterling Connect:Express 3.1.0.0-3.1.0.22 - Unauthenticated Brute Force via Inadequate Account Lockout

CVE-2025-36202 HIGH

IBM webMethods Integration 10.15 and 11.1 - Authenticated Command Execution via Format String Vulnerability

CVE-2025-36037 MEDIUM

IBM webMethods Integration 10.15 and 11.1 - Authenticated Server-Side Request Forgery

CVE-2025-36248 MEDIUM

IBM Copy Services Manager < 6.3.14 - Unauthenticated Cross-Site Scripting

CVE-2025-36146 MEDIUM

IBM watsonx.data 2.2 - Authenticated Sensitive Information Exposure

CVE-2025-36143 MEDIUM

IBM watsonx.data 2.2 - Authenticated OS Command Injection

CVE-2025-36139 MEDIUM

IBM watsonx.data 2.2 - Stored Cross-Site Scripting

CVE-2025-36244 HIGH

IBM AIX <7.2-7.3, VIOS <4.1 - Privilege Escalation

CVE-2025-36082 MEDIUM

IBM OpenPages <9.1 - Info Disclosure

CVE-2025-36035 MEDIUM

IBM PowerVM Hypervisor FW950.00-FW950.E0, FW1050.00-FW1050.50, FW1060.00-FW1060.40 DoS

Previous Page 13 of 327 Next

Products

websphere_application_server 444 aix 393 db2 327 rational_quality_manager 202 sterling_b2b_integrator 195 infosphere_information_server 188 qradar_security_information_and_event_manager 187 maximo_asset_management 182 rational_doors_next_generation 153 rational_team_concert 142 rational_collaborative_lifecycle_management 141 rational_engineering_lifecycle_manager 141 websphere_portal 126 security_guardium 112 cognos_analytics 102 sterling_file_gateway 93 rational_rhapsody_design_manager 90 security_verify_access 90 websphere_mq 89 business_process_manager 88 lotus_domino 86 vios 85 rational_software_architect_design_manager 81 api_connect 79 lotus_notes 71 security_key_lifecycle_manager 70 db2_universal_database 66 concert 65 smartcloud_control_desk 65 urbancode_deploy 63

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy