ibm

8,153 tracked vulnerabilities.

CVE-2024-43191 HIGH
IBM Cloud Pak for Multicloud Management Monitoring - Authenticated Remote Code Execution via YAML Deserialization
Sep 26, 2024
CVSS 7.2
EPSS 0.00
CVE-2024-31899 MEDIUM
IBM Cognos Command Center <10.2.5 - Info Disclosure
Sep 26, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-38324 MEDIUM
IBM Storage Defender <2.0.8 - Info Disclosure
Sep 25, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-40703 MEDIUM
IBM Cognos Analytics <12.0.3 - Info Disclosure
Sep 22, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-43188 MEDIUM
IBM Business Automation Workflow - Privilege Escalation
Sep 18, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-38315 MEDIUM
IBM Aspera Shares <1.11 - Privilege Escalation
Sep 16, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-43180 MEDIUM
IBM Concert 1.0 - Cleartext Transmission of Sensitive Information
Sep 13, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-27257 MEDIUM
IBM OpenPages <9.0 - Info Disclosure
Sep 10, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-40681 HIGH
IBM MQ 9.1-9.4 - Authenticated Privilege Escalation via Queue Manager Security Bypass
Sep 07, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-40680 MEDIUM
IBM MQ 9.3 CD and 9.4 LTS/CD - Denial of Service via Improper Memory Allocation
Sep 07, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-37068 MEDIUM
IBM Maximo Application Suite Manage Component 8.10, 8.11, 9.0 - Use of a Broken or Risky Cryptographic Algorithm
Sep 07, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-45098 MEDIUM
IBM Aspera Faspex <5.0.9 - Auth Bypass
Sep 05, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-45097 MEDIUM
IBM Aspera Faspex <5.0.9 - Auth Bypass
Sep 05, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-45096 MEDIUM
IBM Aspera Faspex <5.0.10 - Info Disclosure
Sep 05, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-45076 CRITICAL
IBM webMethods Integration 10.15 - Code Injection
Sep 04, 2024
CVSS 9.9
EPSS 0.00
CVE-2024-45075 HIGH
IBM webMethods Integration 10.15 - Privilege Escalation
Sep 04, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-45074 MEDIUM
IBM webMethods Integration 10.15 - Path Traversal
Sep 04, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-39747 HIGH
IBM Sterling Connect:Direct Web Services <6.4 - Info Disclosure
Aug 31, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-35133 MEDIUM
IBM Security Verify Access 10.0.0-10.0.8 - Authenticated Open Redirect via OIDC Provider
Aug 29, 2024
CVSS 6.8
EPSS 0.02
CVE-2024-35118 MEDIUM
IBM MaaS360 for Android 6.31-8.60 - Use of Hard-coded Credentials
Aug 29, 2024
CVSS 4.6
EPSS 0.00
CVE-2024-39746 MEDIUM
IBM Sterling Connect:Direct Web Services 6.0-6.3 - Cleartext Transmission of Sensitive Information
Aug 22, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-39745 MEDIUM
IBM Sterling Connect:Direct Web Services 6.0-6.3 - Use of a Broken or Risky Cryptographic Algorithm
Aug 22, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-39744 MEDIUM
IBM Sterling Connect:Direct Web Services 6.0-6.3 - Cross-Site Request Forgery
Aug 22, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-35151 MEDIUM
IBM OpenPages with Watson 8.3 and 9.0 - Authenticated Sensitive Information Exposure via API Authorization Bypass
Aug 22, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-41773 MEDIUM
IBM Global Configuration Management <7.0.3 - Privilege Escalation
Aug 20, 2024
CVSS 6.5
EPSS 0.00
Products
websphere_application_server 444 aix 393 db2 327 rational_quality_manager 202 sterling_b2b_integrator 195 infosphere_information_server 188 qradar_security_information_and_event_manager 187 maximo_asset_management 182 rational_doors_next_generation 153 rational_team_concert 142 rational_collaborative_lifecycle_management 141 rational_engineering_lifecycle_manager 141 websphere_portal 126 security_guardium 112 cognos_analytics 102 sterling_file_gateway 93 rational_rhapsody_design_manager 90 security_verify_access 90 websphere_mq 89 business_process_manager 88 lotus_domino 86 vios 85 rational_software_architect_design_manager 81 api_connect 79 lotus_notes 71 security_key_lifecycle_manager 70 db2_universal_database 66 concert 65 smartcloud_control_desk 65 urbancode_deploy 63
Quick Filters
Critical CVEs With Exploits In CISA KEV