ibm

8,153 tracked vulnerabilities.

CVE-2024-39730 MEDIUM
IBM Datacap Navigator <9.1.7-9.1.9 - CSRF
Jun 28, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-54172 MEDIUM
IBM Sterling B2B Integrator & File Gateway <6.1.2.6, <6.2.0.4 - CSRF
Jun 18, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-54183 MEDIUM
IBM Sterling B2B Integrator & File Gateway <6.1.2.6, <6.2.0.4 - XSS
Jun 18, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-56343 MEDIUM
IBM Verify Identity Access Digital Credentials 24.06 - DoS
Jun 06, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-56342 MEDIUM
IBM Verify Identity Access Digital Credentials 24.06 - Sensitive Information Exposure via Error Message
Jun 06, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-22330 MEDIUM
IBM Security Verify Governance 10.0.2 - Info Disclosure
Jun 06, 2025
CVSS 5.9
EPSS 0.00
CVE-2024-45655 MEDIUM
IBM Application Gateway 19.12-24.09 - Incorrect Permission Assignment for Critical Resource
Jun 03, 2025
CVSS 5.5
EPSS 0.00
CVE-2024-49350 MEDIUM
IBM Db2 11.1.0-11.1.4.7, 11.5.0-11.5.9, 12.1.0-12.1.1 - Denial of Service via Crafted Query
May 29, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-51453 MEDIUM
IBM Sterling Secure Proxy 6.2.0.0-6.2.0.1 - Path Traversal via URL Request
May 28, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-38341 MEDIUM
IBM Sterling Secure Proxy <6.2.0.1 - Info Disclosure
May 28, 2025
CVSS 5.9
EPSS 0.00
CVE-2024-45094 MEDIUM
IBM DS8900F and DS8A00 Hardware Management Console - Stored Cross-Site Scripting
May 27, 2025
CVSS 5.5
EPSS 0.00
CVE-2024-45641 MEDIUM
IBM Security ReaQta EDR 3.12-3.12.16 - Improper SSL Certificate Validation
May 20, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-51475 MEDIUM
IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 - HTML Injection
May 16, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-41753 MEDIUM
IBM Cloud Pak for Business Automation 24.0.0-24.0.1 - Unauthenticated Stored XSS
May 03, 2025
CVSS 6.1
EPSS 0.00
CVE-2024-55913 MEDIUM
IBM Concert 1.0.0-1.0.5 - Path Traversal via URL Request
May 02, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-55912 MEDIUM
IBM Concert 1.0.0-1.0.5 - Use of Weak Cryptographic Algorithms
May 02, 2025
CVSS 5.9
EPSS 0.00
CVE-2024-55910 MEDIUM
IBM Concert 1.0.0-1.0.5 - Authenticated Server-Side Request Forgery
May 02, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-55909 MEDIUM
IBM Concert 1.0.0-1.0.5 - Authenticated Denial of Service via Archive Expansion
May 02, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-52903 MEDIUM
IBM Db2 12.1.0-12.1.1 - Denial of Service via Crafted Query
May 01, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-22351 MEDIUM
IBM InfoSphere Information 11.7 - Privilege Escalation
Apr 23, 2025
CVSS 6.3
EPSS 0.00
CVE-2024-49808 MEDIUM
IBM Sterling Connect:Direct Web Services <6.3.0 - Auth Bypass
Apr 18, 2025
CVSS 6.3
EPSS 0.00
CVE-2024-45651 MEDIUM
IBM Sterling Connect:Direct Web Services 6.1.0-6.1.0.28 - Insufficient Session Expiration
Apr 18, 2025
CVSS 6.3
EPSS 0.00
CVE-2024-22314 MEDIUM
IBM Storage Defender - Resiliency Service <2.0.13 - Info Disclosure
Apr 16, 2025
CVSS 5.9
EPSS 0.00
CVE-2024-49825 MEDIUM
IBM Robotic Process Automation <21.0.7.20,23.0.20 - Privilege Escal...
Apr 14, 2025
CVSS 6.3
EPSS 0.00
CVE-2024-51461 MEDIUM
IBM QRadar WinCollect 10.0-10.1.13 - Denial of Service via HTTP Request Interruption
Apr 11, 2025
CVSS 4.3
EPSS 0.00
Products
websphere_application_server 444 aix 393 db2 327 rational_quality_manager 202 sterling_b2b_integrator 195 infosphere_information_server 188 qradar_security_information_and_event_manager 187 maximo_asset_management 182 rational_doors_next_generation 153 rational_team_concert 142 rational_collaborative_lifecycle_management 141 rational_engineering_lifecycle_manager 141 websphere_portal 126 security_guardium 112 cognos_analytics 102 sterling_file_gateway 93 rational_rhapsody_design_manager 90 security_verify_access 90 websphere_mq 89 business_process_manager 88 lotus_domino 86 vios 85 rational_software_architect_design_manager 81 api_connect 79 lotus_notes 71 security_key_lifecycle_manager 70 db2_universal_database 66 concert 65 smartcloud_control_desk 65 urbancode_deploy 63
Quick Filters
Critical CVEs With Exploits In CISA KEV