ibm
8,286 tracked vulnerabilities.
CVE-2023-38267
MEDIUM
IBM Security Verify Access <10.0.6.1 - Privilege Escalation
Jan 11, 2024
CVSS 6.2
EPSS 0.00
CVE-2023-31003
HIGH
IBM Security Verify Access - Privilege Escalation
Jan 11, 2024
CVSS 8.4
EPSS 0.00
CVE-2023-31001
MEDIUM
IBM Security Verify Access - Info Disclosure
Jan 11, 2024
CVSS 5.1
EPSS 0.00
CVE-2023-45175
MEDIUM
IBM AIX 7.2-7.3 and VIOS 3.1 - Denial of Service via TCP/IP Kernel Extension
Jan 11, 2024
CVSS 6.2
EPSS 0.00
CVE-2023-45173
MEDIUM
IBM AIX 7.2-7.3 and VIOS 3.1 - Denial of Service via NFS Kernel Extension
Jan 11, 2024
CVSS 6.2
EPSS 0.00
CVE-2023-47140
MEDIUM
IBM CICS Transaction Gateway 9.3 - Unauthorized File Access via Improper Access Controls
Jan 08, 2024
CVSS 4.0
EPSS 0.00
CVE-2023-50948
MEDIUM
IBM Storage Fusion HCI <2.7 - Info Disclosure
Jan 08, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-47145
HIGH
IBM Db2 10.5-11.5 - Privilege Escalation via MSI Repair Functionality
Jan 07, 2024
CVSS 8.4
EPSS 0.00
CVE-2023-49880
HIGH
IBM Financial Transaction Manager for SWIFT Services <3.2.4 - Info ...
Dec 25, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-43064
HIGH
IBM i 7.2-7.5 - Uncontrolled Search Path Element in Facsimile Support
Dec 25, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-45165
MEDIUM
IBM AIX 7.2 and 7.3 - Denial of Service via SMB Client
Dec 22, 2023
CVSS 6.2
EPSS 0.00
CVE-2023-42017
HIGH
IBM Planning Analytics Local 2.0 - Arbitrary File Upload via Improper File Extension Validation
Dec 22, 2023
CVSS 8.0
EPSS 0.01
CVE-2023-35895
MEDIUM
IBM Informix JDBC Driver <4.10,4.50 - RCE
Dec 20, 2023
CVSS 6.3
EPSS 0.01
CVE-2023-47707
MEDIUM
IBM Security Guardium Key Lifecycle Manager 4.2.0-4.2.0.2 - Cross-Site Scripting
Dec 20, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-47705
MEDIUM
IBM Security Guardium Key Lifecycle Manager 4.2.0-4.2.0.1 Username Manipulation via Input Validation
Dec 20, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-47703
MEDIUM
IBM Security Guardium Key Lifecycle Manager 4.2.0-4.2.0.2 - Sensitive Information Exposure via Error Message
Dec 20, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-47702
MEDIUM
IBM Security Guardium Key Lifecycle Manager 4.2.0-4.2.0.2 - Path Traversal via URL Request
Dec 20, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-47706
MEDIUM
IBM Security Guardium Key Lifecycle Manager 4.2.0-4.2.0.2 - Unrestricted File Upload
Dec 20, 2023
CVSS 6.6
EPSS 0.01
CVE-2023-47704
MEDIUM
IBM Security Guardium Key Lifecycle Manager 4.2.0-4.2.0.2 - Use of Hard-coded Credentials
Dec 20, 2023
CVSS 4.0
EPSS 0.01
CVE-2023-47161
MEDIUM
IBM UrbanCode Deploy 7.0.0.0-7.0.5.18 - Denial of Service via Archive File Upload
Dec 20, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-42013
MEDIUM
IBM UrbanCode Deploy 7.0.0.0-7.0.5.18 - Information Disclosure via Error Message
Dec 20, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-42012
MEDIUM
IBM UrbanCode Deploy 7.2.0.0-7.2.3.7 and 7.3.0.0-7.3.2.2 - Denial of Service via Windows Service Path
Dec 20, 2023
CVSS 6.2
EPSS 0.00
CVE-2023-45172
MEDIUM
IBM AIX 7.2-7.3 and VIOS 3.1 - Denial of Service via AIX Windows
Dec 19, 2023
CVSS 6.2
EPSS 0.00
CVE-2023-47146
MEDIUM
IBM QRadar SIEM 7.5 - Authenticated Exposure of Sensitive Domain Information
Dec 19, 2023
CVSS 4.9
EPSS 0.01
CVE-2023-42015
MEDIUM
IBM UrbanCode Deploy 7.1.0.0-7.1.2.14, 7.2.0.0-7.2.3.7, 7.3.0.0-7.3.2.2 - HTML Injection in Web UI
Dec 19, 2023
CVSS 4.3
EPSS 0.01
Products
websphere_application_server 465
aix 400
db2 339
rational_quality_manager 202
sterling_b2b_integrator 195
qradar_security_information_and_event_manager 190
infosphere_information_server 189
maximo_asset_management 182
rational_doors_next_generation 153
rational_team_concert 142
rational_collaborative_lifecycle_management 141
rational_engineering_lifecycle_manager 141
websphere_portal 126
security_guardium 112
cognos_analytics 104
sterling_file_gateway 93
vios 92
rational_rhapsody_design_manager 90
security_verify_access 90
websphere_mq 89
business_process_manager 88
lotus_domino 86
api_connect 81
rational_software_architect_design_manager 81
lotus_notes 71
security_key_lifecycle_manager 70
db2_universal_database 66
concert 65
smartcloud_control_desk 65
urbancode_deploy 65
Quick Filters