Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / ibm

ibm

8,173 tracked vulnerabilities.

CVE-2023-25684 MEDIUM

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, 4.1.1 - SQL Injection

CVE-2023-25923 LOW

IBM Security Guardium Key Lifecycle Manager 3.0-4.1.1 - Unauthenticated File Upload and DoS

CVE-2023-25686 MEDIUM

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 - Insufficiently Protected Credentials

CVE-2023-27874 CRITICAL

IBM Aspera Faspex 4.4.2 - Authenticated XML External Entity Injection

CVE-2023-27873 MEDIUM

IBM Aspera Faspex <4.4.2 - Info Disclosure

CVE-2023-27871 HIGH

IBM Aspera Faspex < 4.4.2 - SQL Injection

CVE-2023-25689 LOW

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, 4.1.1 - Path Traversal via URL Request

CVE-2023-25687 MEDIUM

IBM Security Guardium Key Lifecycle Manager 3.0-4.1.1 Sensitive Info Exposure via Log Files

CVE-2023-27875 HIGH

IBM Aspera Faspex 5.0.4 - Improper Access Control

CVE-2023-22591 LOW

IBM Robotic Process Automation 21.0.1-21.0.7 and 23.0.0-23.0.1 - Insufficient Session Expiration

CVE-2023-25680 MEDIUM

IBM Robotic Process Automation 21.0.1-21.0.5 - Exposure of Sensitive Information in Queue Provider Credentials

CVE-2023-22876 MEDIUM

IBM Sterling B2B Integrator 6.0.0.0-6.0.3.7 and 6.1.0.0-6.1.2.1 - Authenticated Exposure of Sensitive Information

CVE-2023-26284 HIGH

IBM MQ Certified Container <9.3.0.4 - Privilege Escalation

CVE-2023-24975 MEDIUM

IBM Spectrum Symphony 7.3 - HTTP Header Injection via HOST Header

CVE-2023-27290 CRITICAL

IBM Observability with Instana 239-0-239-2, 241-0-241-2, 243-0 - Unauthenticated Data Store Access

CVE-2023-26281 MEDIUM

IBM HTTP Server 8.5 - Denial of Service via Crafted URL

CVE-2023-22860 MEDIUM

IBM Cloud Pak for Business Automation 18.0.0-22.0.2 - Stored Cross-Site Scripting

CVE-2023-25928 MEDIUM

IBM InfoSphere Information Server 11.7 - Cross-Site Scripting

CVE-2023-24960 HIGH

IBM InfoSphere Information Server 11.7 - Path Traversal via Dot Dot Sequences

CVE-2023-24964 MEDIUM

IBM InfoSphere Information Server 11.7 - Sensitive Information Exposure via Log Files

CVE-2023-22868 MEDIUM

IBM Aspera Faspex 4.4.1 - Stored Cross-Site Scripting

CVE-2023-23475 MEDIUM

IBM Infosphere Information Server 11.7 - Stored Cross-Site Scripting

CVE-2023-23477 HIGH

IBM WebSphere Application Server 8.5 and 9.0 - Remote Code Execution via Serialized Objects

CVE-2023-23469 MEDIUM

IBM ICP4A - Automation Decision Services <22.0.2 - Info Disclosure

CVE-2023-22863 MEDIUM

IBM Robotic Process Automation 20.12.0-21.0.2 - Cleartext Transmission of Sensitive Information via Default HTTP

Previous Page 63 of 327 Next

Products

websphere_application_server 444 aix 393 db2 327 rational_quality_manager 202 sterling_b2b_integrator 195 infosphere_information_server 188 qradar_security_information_and_event_manager 187 maximo_asset_management 182 rational_doors_next_generation 153 rational_team_concert 142 rational_collaborative_lifecycle_management 141 rational_engineering_lifecycle_manager 141 websphere_portal 126 security_guardium 112 cognos_analytics 102 sterling_file_gateway 93 rational_rhapsody_design_manager 90 security_verify_access 90 websphere_mq 89 business_process_manager 88 lotus_domino 86 vios 85 rational_software_architect_design_manager 81 api_connect 79 lotus_notes 71 security_key_lifecycle_manager 70 db2_universal_database 66 concert 65 smartcloud_control_desk 65 urbancode_deploy 63

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy