ibm

8,286 tracked vulnerabilities.

CVE-2024-31906 MEDIUM
IBM Automation Decision Services 23.0.2 - Info Disclosure
Jan 26, 2025
CVSS 6.2
EPSS 0.00
CVE-2024-35150 MEDIUM
IBM Maximo Application Suite <9.1.0 - Info Disclosure
Jan 25, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-35148 MEDIUM
IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - SQL Injection in Monitor Component
Jan 25, 2025
CVSS 6.3
EPSS 0.00
CVE-2024-35145 MEDIUM
IBM Maximo Application Suite 9.0.0 - Unauthenticated Stored Cross-Site Scripting in Monitor Component
Jan 25, 2025
CVSS 6.1
EPSS 0.00
CVE-2024-35144 MEDIUM
IBM Maximo Application Suite <9.0 - Info Disclosure
Jan 25, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-39750 HIGH
IBM Analytics Content Hub 2.0-<2.3 - Authenticated Buffer Overflow via Improper Return Length Check
Jan 25, 2025
CVSS 8.8
EPSS 0.01
CVE-2024-35134 MEDIUM
IBM Analytics Content Hub 2.0-<2.3 - Sensitive Information Exposure via Error Message
Jan 25, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-35114 MEDIUM
IBM Control Center 6.2.1 and 6.3.1 - Username Enumeration via Observable Login Discrepancy
Jan 25, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-35113 MEDIUM
IBM Control Center <6.3.1 - Info Disclosure
Jan 25, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-35112 MEDIUM
IBM Control Center 6.2.1 and 6.3.1 - Information Disclosure via Detailed Error Messages
Jan 25, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-35111 MEDIUM
IBM Control Center 6.2.1 and 6.3.1 - Sensitive Information Exposure via Error Message
Jan 25, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-35122 LOW
IBM i 7.2-7.5 - Unauthenticated Local Denial of Service via Referential Constraint Configuration
Jan 24, 2025
CVSS 2.8
EPSS 0.00
CVE-2024-45077 MEDIUM
IBM Maximo Asset Management 7.6.1.3 - Unrestricted File Upload
Jan 24, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-41757 MEDIUM
IBM Concert 1.0.0 and 1.0.1 - Cleartext Transmission of Sensitive Information
Jan 24, 2025
CVSS 5.9
EPSS 0.00
CVE-2024-40706 MEDIUM
IBM InfoSphere Information Server 11.7 - Info Disclosure
Jan 24, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-40693 HIGH
IBM Planning Analytics 2.0-2.1 - Code Injection
Jan 24, 2025
CVSS 8.0
EPSS 0.00
CVE-2024-25034 HIGH
IBM Planning Analytics <2.2 - Code Injection
Jan 24, 2025
CVSS 8.0
EPSS 0.00
CVE-2024-41739 HIGH
IBM Cognos Dashboards 4.0.7 and 5.0.0 on Cloud Pak for Data - Unauthorized Actions via Dependency Confusion
Jan 24, 2025
CVSS 8.8
EPSS 0.00
CVE-2024-45672 MEDIUM
IBM Security Verify Bridge 1.0.0-1.0.15 - Privilege Escalation and Denial of Service via Excessive Agent Privileges
Jan 23, 2025
CVSS 6.0
EPSS 0.00
CVE-2024-51457 MEDIUM
IBM Robotic Process Automation for Cloud Pak 21.0.0-21.0.7.19 & 23.0.0-23.0.19 Authenticated Stored XSS
Jan 22, 2025
CVSS 4.4
EPSS 0.00
CVE-2024-31903 HIGH
IBM Sterling B2B Integrator 6.0.0.0-6.1.2.5 & 6.2.0.0-6.2.0.2 - RCE via Untrusted Deserialization
Jan 22, 2025
CVSS 8.8
EPSS 0.01
CVE-2024-45091 MEDIUM
IBM UrbanCode Deploy <7.0.5.24-7.1.2.10-7.2.3.13 - Info Disclosure
Jan 21, 2025
CVSS 6.2
EPSS 0.00
CVE-2024-22349 MEDIUM
IBM DevOps Velocity 5.0.0-IBM UrbanCode Velocity 4.0.0-4.0.25 - Inf...
Jan 20, 2025
CVSS 4.0
EPSS 0.00
CVE-2024-22348 MEDIUM
IBM DevOps Velocity 5.0.0, IBM UrbanCode Velocity 4.0.0-4.0.25 - SSRF
Jan 20, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-22347 MEDIUM
IBM DevOps Velocity 5.0.0 and UrbanCode Velocity 4.0.0-4.0.25 - Use of Weak Cryptographic Algorithms
Jan 20, 2025
CVSS 5.9
EPSS 0.00