ibm

8,170 tracked vulnerabilities.

CVE-2023-47727 MEDIUM
IBM Cloud Pak for Security <1.10.11.0 & QRadar Suite Software <1.10...
May 02, 2024
CVSS 4.3
EPSS 0.00
CVE-2023-38002 MEDIUM
IBM Storage Scale <5.1.9.2 - Privilege Escalation
Apr 30, 2024
CVSS 5.0
EPSS 0.00
CVE-2023-47731 MEDIUM
IBM Cloud Pak for Security 1.10.0.0-1.10.11.0 and QRadar Suite 1.10.12.0-1.10.19.0 - Stored Cross-Site Scripting
Apr 23, 2024
CVSS 5.4
EPSS 0.00
CVE-2023-37397 LOW
IBM Aspera Faspex 5.0.0-5.0.7 - Inadequate Encryption Strength
Apr 19, 2024
CVSS 3.6
EPSS 0.00
CVE-2023-27279 MEDIUM
IBM Aspera Faspex 5.0.0-5.0.7 - Denial of Service via Missing API Rate Limiting
Apr 19, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-37396 LOW
IBM Aspera Faspex 5.0.0-5.0.7 - Sensitive Information Exposure via Improper Encryption
Apr 19, 2024
CVSS 2.5
EPSS 0.00
CVE-2023-22869 MEDIUM
IBM Aspera Faspex 5.0.0-5.0.7 - Sensitive Information Exposure in Log Files
Apr 19, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-37400 HIGH
IBM Aspera Faspex 5.0.0-5.0.7 - Privilege Escalation via Insecure Credential Storage
Apr 19, 2024
CVSS 7.8
EPSS 0.00
CVE-2023-47714 MEDIUM
IBM Sterling File Gateway 6.0.0.0-6.0.3.9, 6.1.0.0-6.1.2.3, 6.2.0.0 - Cross-Site Scripting
Apr 12, 2024
CVSS 4.8
EPSS 0.00
CVE-2023-50307 MEDIUM
IBM Sterling B2B Integrator 6.0.0.0-6.0.3.9, 6.1.0.0-6.1.2.3, 6.2.0.0 - Cross-Site Scripting
Apr 12, 2024
CVSS 5.4
EPSS 0.00
CVE-2023-45186 MEDIUM
IBM Sterling B2B Integrator 6.0.0.0-6.0.3.9, 6.1.0.0-6.1.2.3, 6.2.0.0 - Cross-Site Scripting
Apr 12, 2024
CVSS 4.8
EPSS 0.00
CVE-2023-50949 MEDIUM
IBM QRadar SIEM 7.5 - Improper Certificate Validation
Apr 11, 2024
CVSS 5.9
EPSS 0.00
CVE-2023-52296 MEDIUM
IBM DB2 11.5 - Denial of Service via Concurrent UDF Query
Apr 03, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-38729 MEDIUM
IBM Db2 10.5, 11.1, 11.5 - Sensitive Information Disclosure via ADMIN_CMD with IMPORT or EXPORT
Apr 03, 2024
CVSS 6.8
EPSS 0.00
CVE-2023-50313 MEDIUM
IBM WebSphere Application Server 8.5 and 9.0 - Use of a Broken or Risky Cryptographic Algorithm
Apr 02, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-50959 MEDIUM
IBM Cloud Pak for Business Automation <23.0.2 - Info Disclosure
Mar 31, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-50311 LOW
IBM CICS Transaction Gateway 9.2-9.3 - Sensitive Path Information Disclosure via Debugging or Error Messages
Mar 31, 2024
CVSS 3.1
EPSS 0.00
CVE-2023-50961 MEDIUM
IBM QRadar SIEM 7.5 - Stored Cross-Site Scripting
Mar 27, 2024
CVSS 4.8
EPSS 0.00
CVE-2023-47150 HIGH
IBM Common Cryptographic Architecture 7.0.0-7.5.36 - Denial of Service via AES Operations
Mar 26, 2024
CVSS 7.5
EPSS 0.00
CVE-2023-33855 LOW
IBM Common Cryptographic Architecture 7.0.0-7.5.36 - Covert Timing Channel via RSA Operations
Mar 26, 2024
CVSS 3.7
EPSS 0.00
CVE-2023-47715 MEDIUM
IBM Storage Protect Plus 10.1.0-10.1.16 - Authenticated Privilege Escalation via HyperVisor Configuration Manipulation
Mar 21, 2024
CVSS 4.3
EPSS 0.00
CVE-2023-35899 HIGH
IBM Cloud Pak for Automation <22.0.2 - Code Injection
Mar 21, 2024
CVSS 7.0
EPSS 0.00
CVE-2023-45177 MEDIUM
IBM MQ 9.0.0.0-9.0.0.20 and 9.3.0-9.3.3 - Denial of Service in Clustering Logic
Mar 20, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-35888 MEDIUM
IBM Security Verify Governance 10.0.2 - Sensitive Information Exposure via Missing HSTS Enforcement
Mar 20, 2024
CVSS 5.9
EPSS 0.00
CVE-2023-47699 MEDIUM
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 - Cross-Site Scripting
Mar 15, 2024
CVSS 6.1
EPSS 0.00
Products
websphere_application_server 444 aix 393 db2 327 rational_quality_manager 202 sterling_b2b_integrator 195 infosphere_information_server 188 qradar_security_information_and_event_manager 187 maximo_asset_management 182 rational_doors_next_generation 153 rational_team_concert 142 rational_collaborative_lifecycle_management 141 rational_engineering_lifecycle_manager 141 websphere_portal 126 security_guardium 112 cognos_analytics 102 sterling_file_gateway 93 rational_rhapsody_design_manager 90 security_verify_access 90 websphere_mq 89 business_process_manager 88 lotus_domino 86 vios 85 rational_software_architect_design_manager 81 api_connect 79 lotus_notes 71 security_key_lifecycle_manager 70 db2_universal_database 66 concert 65 smartcloud_control_desk 65 urbancode_deploy 63
Quick Filters
Critical CVEs With Exploits In CISA KEV