ibm

8,153 tracked vulnerabilities.

CVE-2025-0162 HIGH
IBM Aspera Shares <1.10.0 PL7 - XXE
Mar 07, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-0895 LOW
IBM Cognos Analytics Mobile 1.1 - Info Disclosure
Mar 02, 2025
CVSS 2.4
EPSS 0.00
CVE-2025-0160 HIGH
IBM FlashSystem - Remote Code Execution
Feb 28, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-0159 CRITICAL
IBM Storage Virtualize Unauthenticated Authentication Bypass via RPCAdapter Endpoint
Feb 28, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-0985 MEDIUM
IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD - Cleartext Storage of Sensitive Information in Environment Variables
Feb 28, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-23225 MEDIUM
IBM MQ Appliance 9.3.0.0-9.3.0.26 and <9.4.2 - Authenticated Denial of Service via Invalid Header Handling
Feb 28, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-0975 HIGH
IBM MQ Appliance 9.3.0-9.3.0.26 and 9.4.0-9.4.1 - Authenticated Remote Code Execution via Escape Character Injection
Feb 28, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-0823 MEDIUM
IBM Cognos Analytics 11.2.0-11.2.4 FP5 and 12.0.0-12.0.4 - Path Traversal via URL Request
Feb 28, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-0759 LOW
IBM EntireX 11.1 - Time-of-check Time-of-use Race Condition
Feb 27, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-0719 MEDIUM
IBM Cloud Pak for Data 4.0.0-4.8.5 and 5.0.0 - Unauthenticated Cross-Site Scripting
Feb 26, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-1403 HIGH
Qiskit 0.45.0-1.2.4 - Denial of Service via Malformed Symengine Serialization Stream
Feb 21, 2025
CVSS 8.6
EPSS 0.00
CVE-2025-0161 HIGH
IBM Security Verify Access Appliance <11.0.0.0 - Code Injection
Feb 20, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-0158 MEDIUM
IBM EntireX 11.1 - Denial of Service via Unhandled Error
Feb 06, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-0799 MEDIUM
IBM App Connect enterprise - Privilege Escalation
Feb 06, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-23227 MEDIUM
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0-7.3.0.11 - Authenticated Stored Cross-Site Scripting
Jan 23, 2025
CVSS 6.4
EPSS 0.00
CVE-2024-43178 MEDIUM
IBM Concert 1.0.0-2.1.0 - Info Disclosure
Feb 17, 2026
CVSS 5.9
EPSS 0.00
CVE-2024-51451 MEDIUM
IBM Concert 1.0.0-2.1.0 - HTTP Header Injection via HOST Header
Feb 04, 2026
CVSS 6.5
EPSS 0.00
CVE-2024-43181 MEDIUM
IBM Concert <2.1.0 - Privilege Escalation
Feb 04, 2026
CVSS 6.3
EPSS 0.00
CVE-2024-40685 MEDIUM
IBM Operations Analytics - Log Analysis <1.3.8.3 - CSRF
Feb 04, 2026
CVSS 4.3
EPSS 0.00
CVE-2024-39724 MEDIUM
IBM Db2 Big SQL on Cloud Pak for Data <7.8 - DoS
Feb 04, 2026
CVSS 5.3
EPSS 0.00
CVE-2024-56464 LOW
IBM QRadar SIEM <7.5.0 UP14 IF01 - Info Disclosure
Dec 09, 2025
CVSS 2.7
EPSS 0.00
CVE-2024-45675 HIGH
IBM Informix Dynamic Server 14.10 - Privilege Escalation
Dec 02, 2025
CVSS 8.4
EPSS 0.00
CVE-2024-47118 MEDIUM
IBM Db2 10.5.0-10.5.11, 11.1.0-11.1.4.7, 11.5.0-11.5.9, 12.1.0-12.1.3 - Denial of Service via Crafted Query
Nov 07, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-43192 MEDIUM
IBM Storage TS4500 Library 1.11.0.0 and 2.11.0.0 - Cross-Site Request Forgery
Sep 27, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-47120 MEDIUM
IBM Security Verify Information Queue <10.0.9 - Privilege Escalation
Sep 10, 2025
CVSS 6.4
EPSS 0.00
Products
websphere_application_server 444 aix 393 db2 327 rational_quality_manager 202 sterling_b2b_integrator 195 infosphere_information_server 188 qradar_security_information_and_event_manager 187 maximo_asset_management 182 rational_doors_next_generation 153 rational_team_concert 142 rational_collaborative_lifecycle_management 141 rational_engineering_lifecycle_manager 141 websphere_portal 126 security_guardium 112 cognos_analytics 102 sterling_file_gateway 93 rational_rhapsody_design_manager 90 security_verify_access 90 websphere_mq 89 business_process_manager 88 lotus_domino 86 vios 85 rational_software_architect_design_manager 81 api_connect 79 lotus_notes 71 security_key_lifecycle_manager 70 db2_universal_database 66 concert 65 smartcloud_control_desk 65 urbancode_deploy 63
Quick Filters
Critical CVEs With Exploits In CISA KEV