ibm

8,153 tracked vulnerabilities.

CVE-2025-0164 LOW
IBM QRadar SIEM <7.5.13 - Privilege Escalation
Sep 14, 2025
CVSS 2.3
EPSS 0.00
CVE-2025-36222 HIGH
IBM Fusion <2.10.1 - Info Disclosure
Sep 11, 2025
CVSS 8.7
EPSS 0.00
CVE-2025-36125 MEDIUM
IBM Hardware Management Console 10.3.1050.0 and 11.1.1110.0 - Authenticated Stored Cross-Site Scripting
Sep 09, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-36011 MEDIUM
IBM Jazz for Service Management <1.1.3.24 - Open Redirect
Sep 09, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-1761 MEDIUM
IBM Concert Software <1.1.0 - Info Disclosure
Sep 08, 2025
CVSS 5.9
EPSS 0.00
CVE-2025-36100 MEDIUM
IBM MQ Password Exposure in Client Configuration Files
Sep 07, 2025
CVSS 5.1
EPSS 0.00
CVE-2025-2694 MEDIUM
IBM Sterling B2B Integrator & File Gateway <6.1.2.7_1, 6.2.0.4 - XSS
Sep 04, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-2667 LOW
IBM Sterling B2B Integrator <6.2.0.5 - Info Disclosure
Sep 04, 2025
CVSS 2.7
EPSS 0.00
CVE-2025-25048 MEDIUM
IBM Jazz Foundation <7.0.2-7.1.0 - Privilege Escalation
Sep 04, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-36193 HIGH
IBM Transformation Advisor 2.0.1-4.3.1 - Privilege Escalation via Incorrect File Permissions
Sep 03, 2025
CVSS 8.4
EPSS 0.00
CVE-2025-36162 MEDIUM
IBM DevOps Deploy/UCD <8.1.2.2 - Info Disclosure
Sep 02, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-33102 MEDIUM
IBM Concert Software <1.2 - Info Disclosure
Sep 01, 2025
CVSS 5.9
EPSS 0.00
CVE-2025-33099 MEDIUM
IBM Concert Software <1.1.0 - Man In The Middle
Sep 01, 2025
CVSS 5.9
EPSS 0.00
CVE-2025-33084 MEDIUM
IBM Concert Software <1.2 - Info Disclosure
Sep 01, 2025
CVSS 5.9
EPSS 0.00
CVE-2025-33083 MEDIUM
IBM Concert 1.0.0-1.1.0 - Authenticated Stored Cross-Site Scripting
Sep 01, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-33082 MEDIUM
IBM Concert 1.0.0-1.1.0 - Authenticated Stored Cross-Site Scripting
Sep 01, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-0656 MEDIUM
IBM Concert 1.0.0-1.1.0 - Unauthenticated Stored Cross-Site Scripting
Sep 01, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-36133 MEDIUM
IBM App Connect Enterprise 9.2.0-11.6.0, 12.0.0-12.0.14, 12.1.0-12.14.0 - Sensitive Information Exposure
Sep 01, 2025
CVSS 5.9
EPSS 0.00
CVE-2025-0165 HIGH
IBM watsonx Orchestrate Cartridge - SQL Injection
Aug 30, 2025
CVSS 7.6
EPSS 0.00
CVE-2025-36003 HIGH
IBM Security Verify Governance Identity Manager 10.0.2 - Sensitive Information Exposure via Detailed Error Messages
Aug 28, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-2697 HIGH
IBM Cognos Command Center <10.2.5 - Open Redirect
Aug 26, 2025
CVSS 7.4
EPSS 0.00
CVE-2025-1994 HIGH
IBM Cognos Command Center <10.2.5 - Code Injection
Aug 26, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-1494 MEDIUM
IBM Cognos Command Center 10.2.4.1-10.2.5 - CSRF
Aug 26, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-36174 HIGH
IBM Integrated Analytics System 1.0.0.0-1.0.30.0 - Authenticated Unrestricted Upload of File with Dangerous Type
Aug 24, 2025
CVSS 8.0
EPSS 0.00
CVE-2025-36157 CRITICAL
IBM Jazz Foundation 7.0.2-7.0.3, 7.1.0 - Unauthenticated Incorrect Authorization via Server Property File Update
Aug 24, 2025
CVSS 9.8
EPSS 0.00
Products
websphere_application_server 444 aix 393 db2 327 rational_quality_manager 202 sterling_b2b_integrator 195 infosphere_information_server 188 qradar_security_information_and_event_manager 187 maximo_asset_management 182 rational_doors_next_generation 153 rational_team_concert 142 rational_collaborative_lifecycle_management 141 rational_engineering_lifecycle_manager 141 websphere_portal 126 security_guardium 112 cognos_analytics 102 sterling_file_gateway 93 rational_rhapsody_design_manager 90 security_verify_access 90 websphere_mq 89 business_process_manager 88 lotus_domino 86 vios 85 rational_software_architect_design_manager 81 api_connect 79 lotus_notes 71 security_key_lifecycle_manager 70 db2_universal_database 66 concert 65 smartcloud_control_desk 65 urbancode_deploy 63
Quick Filters
Critical CVEs With Exploits In CISA KEV