ibm

8,286 tracked vulnerabilities.

CVE-2023-27860 MEDIUM
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 - Sensitive Information Disclosure in Error Message
Apr 27, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-24966 MEDIUM
IBM WebSphere Application Server 8.5.0.0-8.5.5.23 - Cross-Site Scripting
Apr 27, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-30444 HIGH
IBM Watson Machine Learning on Cloud Pak for Data 4.0 and 4.5 - Authenticated Server-Side Request Forgery
Apr 27, 2023
CVSS 7.1
EPSS 0.00
CVE-2023-29255 HIGH
IBM DB2 10.5, 11.1, 11.5 - Denial of Service via Anonymous Block Compilation
Apr 27, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-27559 MEDIUM
IBM Db2 10.5, 11.1, 11.5 - Denial of Service via Crafted Subquery
Apr 26, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-29257 HIGH
IBM Db2 10.5, 11.1, 11.5 - Remote Code Execution via Database Administrator Privilege Escalation
Apr 26, 2023
CVSS 7.2
EPSS 0.02
CVE-2023-26286 HIGH
IBM AIX <7.4 - Privilege Escalation
Apr 26, 2023
CVSS 8.4
EPSS 0.00
CVE-2023-27876 HIGH
IBM TRIRIGA 4.0 - XML External Entity Injection
Apr 07, 2023
CVSS 7.1
EPSS 0.01
CVE-2023-27286 HIGH
IBM Aspera Cargo/Connect 4.2.5 - Buffer Overflow
Apr 02, 2023
CVSS 8.4
EPSS 0.01
CVE-2023-27284 HIGH
IBM Aspera Cargo/Connect <4.2.5 - Buffer Overflow
Apr 02, 2023
CVSS 8.4
EPSS 0.01
CVE-2023-26283 MEDIUM
IBM WebSphere Application Server 9.0 - Cross-Site Scripting
Apr 02, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-25924 MEDIUM
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 - Authenticated Incorrect Authorization
Mar 22, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-25688 MEDIUM
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, 4.1.1 - Path Traversal via URL Request
Mar 22, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-25684 MEDIUM
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, 4.1.1 - SQL Injection
Mar 21, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-25923 LOW
IBM Security Guardium Key Lifecycle Manager 3.0-4.1.1 - Unauthenticated File Upload and DoS
Mar 21, 2023
CVSS 2.7
EPSS 0.01
CVE-2023-25686 MEDIUM
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 - Insufficiently Protected Credentials
Mar 21, 2023
CVSS 6.2
EPSS 0.00
CVE-2023-27874 CRITICAL
IBM Aspera Faspex 4.4.2 - Authenticated XML External Entity Injection
Mar 21, 2023
CVSS 9.9
EPSS 0.01
CVE-2023-27873 MEDIUM
IBM Aspera Faspex <4.4.2 - Info Disclosure
Mar 21, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-27871 HIGH
IBM Aspera Faspex < 4.4.2 - SQL Injection
Mar 21, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-25689 LOW
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, 4.1.1 - Path Traversal via URL Request
Mar 21, 2023
CVSS 2.7
EPSS 0.01
CVE-2023-25687 MEDIUM
IBM Security Guardium Key Lifecycle Manager 3.0-4.1.1 Sensitive Info Exposure via Log Files
Mar 21, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-27875 HIGH
IBM Aspera Faspex 5.0.4 - Improper Access Control
Mar 16, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-22591 LOW
IBM Robotic Process Automation 21.0.1-21.0.7 and 23.0.0-23.0.1 - Insufficient Session Expiration
Mar 15, 2023
CVSS 3.9
EPSS 0.00
CVE-2023-25680 MEDIUM
IBM Robotic Process Automation 21.0.1-21.0.5 - Exposure of Sensitive Information in Queue Provider Credentials
Mar 15, 2023
CVSS 4.2
EPSS 0.01
CVE-2023-22876 MEDIUM
IBM Sterling B2B Integrator 6.0.0.0-6.0.3.7 and 6.1.0.0-6.1.2.1 - Authenticated Exposure of Sensitive Information
Mar 15, 2023
CVSS 4.3
EPSS 0.01