ibm
8,286 tracked vulnerabilities.
CVE-2024-43177
MEDIUM
IBM Concert 1.0.0 and 1.0.1 - Improper Certificate Validation
Oct 22, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-43173
LOW
IBM Concert 1.0.0 and 1.0.1 - Sensitive Cookie with Improper SameSite Attribute
Oct 22, 2024
CVSS 3.7
EPSS 0.00
CVE-2024-45072
MEDIUM
IBM WebSphere App Server 8.5-9.0 - XXE
Oct 16, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-45071
MEDIUM
IBM WebSphere App Server <9.0 - XSS
Oct 16, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-49340
MEDIUM
IBM Watson Studio Local 1.2.3 - Cross-Site Request Forgery
Oct 16, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-45085
MEDIUM
IBM WebSphere Application Server 8.5.0.0-8.5.5.26 - Denial of Service via Crafted Request
Oct 15, 2024
CVSS 5.9
EPSS 0.01
CVE-2024-45073
MEDIUM
IBM WebSphere App Server <9.0 - XSS
Sep 30, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-43191
HIGH
IBM Cloud Pak for Multicloud Management Monitoring - Authenticated Remote Code Execution via YAML Deserialization
Sep 26, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-31899
MEDIUM
IBM Cognos Command Center <10.2.5 - Info Disclosure
Sep 26, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-38324
MEDIUM
IBM Storage Defender <2.0.8 - Info Disclosure
Sep 25, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-40703
MEDIUM
IBM Cognos Analytics <12.0.3 - Info Disclosure
Sep 22, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-43188
MEDIUM
IBM Business Automation Workflow - Privilege Escalation
Sep 18, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-38315
MEDIUM
IBM Aspera Shares <1.11 - Privilege Escalation
Sep 16, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-43180
MEDIUM
IBM Concert 1.0 - Cleartext Transmission of Sensitive Information
Sep 13, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-27257
MEDIUM
IBM OpenPages <9.0 - Info Disclosure
Sep 10, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-40681
HIGH
IBM MQ 9.1-9.4 - Authenticated Privilege Escalation via Queue Manager Security Bypass
Sep 07, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-40680
MEDIUM
IBM MQ 9.3 CD and 9.4 LTS/CD - Denial of Service via Improper Memory Allocation
Sep 07, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-37068
MEDIUM
IBM Maximo Application Suite Manage Component 8.10, 8.11, 9.0 - Use of a Broken or Risky Cryptographic Algorithm
Sep 07, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-45098
MEDIUM
IBM Aspera Faspex <5.0.9 - Auth Bypass
Sep 05, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-45097
MEDIUM
IBM Aspera Faspex <5.0.9 - Auth Bypass
Sep 05, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-45096
MEDIUM
IBM Aspera Faspex <5.0.10 - Info Disclosure
Sep 05, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-45076
CRITICAL
IBM webMethods Integration 10.15 - Code Injection
Sep 04, 2024
CVSS 9.9
EPSS 0.01
CVE-2024-45075
HIGH
IBM webMethods Integration 10.15 - Privilege Escalation
Sep 04, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-45074
MEDIUM
IBM webMethods Integration 10.15 - Path Traversal
Sep 04, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-39747
HIGH
IBM Sterling Connect:Direct Web Services <6.4 - Info Disclosure
Aug 31, 2024
CVSS 8.1
EPSS 0.01
Products
websphere_application_server 465
aix 400
db2 339
rational_quality_manager 202
sterling_b2b_integrator 195
qradar_security_information_and_event_manager 190
infosphere_information_server 189
maximo_asset_management 182
rational_doors_next_generation 153
rational_team_concert 142
rational_collaborative_lifecycle_management 141
rational_engineering_lifecycle_manager 141
websphere_portal 126
security_guardium 112
cognos_analytics 104
sterling_file_gateway 93
vios 92
rational_rhapsody_design_manager 90
security_verify_access 90
websphere_mq 89
business_process_manager 88
lotus_domino 86
api_connect 81
rational_software_architect_design_manager 81
lotus_notes 71
security_key_lifecycle_manager 70
db2_universal_database 66
concert 65
smartcloud_control_desk 65
urbancode_deploy 65
Quick Filters