ibm

8,153 tracked vulnerabilities.

CVE-2025-0915 MEDIUM
IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.1 - Authenticated Denial of Service via Memory Resource Exhaustion
May 05, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-1992 MEDIUM
IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.1 - Authenticated Denial of Service via Memory Leak
May 05, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-1838 MEDIUM
IBM Cloud Pak for Business Automation <24.0.1 - DoS
May 03, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-1495 MEDIUM
IBM Business Automation Workflow 24.0.0-24.0.1 IF001 - Unauthenticated Sensitive Information Exposure
May 03, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-27365 MEDIUM
IBM MQ Operator - Memory Corruption
May 01, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-1333 MEDIUM
IBM MQ Operator 2.0.0-2.0.29 3.1.0-3.1.3 3.2.0-3.2.10 - Information Disclosure via Cloud Pak for Integration Keycloak
May 01, 2025
CVSS 6.0
EPSS 0.00
CVE-2025-1551 MEDIUM
IBM Operational Decision Manager 8.11.0.1, 8.11.1.0, 8.12.0.1, 9.0.0.1 - Unauthenticated Cross-Site Scripting
Apr 29, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-2986 MEDIUM
IBM Maximo Asset Mgmt <7.6.1.3 - XSS
Apr 25, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-25046 LOW
IBM InfoSphere Information Server 11.7 - Info Disclosure
Apr 23, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-25045 MEDIUM
IBM InfoSphere Information 11.7 - Info Disclosure
Apr 23, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-27907 MEDIUM
IBM WebSphere Application Server 8.5-8.5.5.27 - Authenticated Server-Side Request Forgery
Apr 22, 2025
CVSS 4.1
EPSS 0.00
CVE-2025-1951 HIGH
IBM Hardware Management Console - Privilege Escalation
Apr 22, 2025
CVSS 8.4
EPSS 0.00
CVE-2025-1950 CRITICAL
IBM Hardware Management Console - Power Systems <10.3.1050.0 - Comm...
Apr 22, 2025
CVSS 9.3
EPSS 0.00
CVE-2025-2987 LOW
IBM Maximo Asset Mgmt <7.6.1.3 - SSRF
Apr 22, 2025
CVSS 3.8
EPSS 0.00
CVE-2025-2950 MEDIUM
IBM i Navigator - Host Header Injection
Apr 18, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-2947 HIGH
IBM i 7.6 - Privilege Escalation via Incorrect Profile Swapping
Apr 17, 2025
CVSS 7.2
EPSS 0.00
CVE-2025-3423 MEDIUM
IBM Aspera Faspex 5.0.0-5.0.11 - Authenticated Stored Cross-Site Scripting
Apr 13, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-25023 MEDIUM
IBM Security Guardium <12.1 - Info Disclosure
Apr 09, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-1095 HIGH
IBM Personal Communications v14-v15 - Privilege Escalation
Apr 08, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-1500 MEDIUM
IBM Maximo Application Suite 9.0-<9.0.7 - Authenticated Unrestricted Upload of File with Dangerous Type
Apr 05, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-0154 MEDIUM
IBM TXSeries for Multiplatforms <9.1, 11.1 - Info Disclosure
Apr 02, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-0986 MEDIUM
IBM PowerVM Hypervisor - Info Disclosure
Mar 28, 2025
CVSS 4.5
EPSS 0.00
CVE-2025-1998 MEDIUM
IBM UrbanCode Deploy <7.3.2.0 - Info Disclosure
Mar 27, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-1997 MEDIUM
IBM UrbanCode Deploy/DevOps Deploy <7.3.2.0 - XSS
Mar 27, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-2000 CRITICAL
Qiskit 0.18.0-1.4.1 - Remote Code Execution via QPY Deserialization
Mar 14, 2025
CVSS 9.8
EPSS 0.00
Products
websphere_application_server 444 aix 393 db2 327 rational_quality_manager 202 sterling_b2b_integrator 195 infosphere_information_server 188 qradar_security_information_and_event_manager 187 maximo_asset_management 182 rational_doors_next_generation 153 rational_team_concert 142 rational_collaborative_lifecycle_management 141 rational_engineering_lifecycle_manager 141 websphere_portal 126 security_guardium 112 cognos_analytics 102 sterling_file_gateway 93 rational_rhapsody_design_manager 90 security_verify_access 90 websphere_mq 89 business_process_manager 88 lotus_domino 86 vios 85 rational_software_architect_design_manager 81 api_connect 79 lotus_notes 71 security_key_lifecycle_manager 70 db2_universal_database 66 concert 65 smartcloud_control_desk 65 urbancode_deploy 63
Quick Filters
Critical CVEs With Exploits In CISA KEV