ibm
8,286 tracked vulnerabilities.
CVE-2023-27860
MEDIUM
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 - Sensitive Information Disclosure in Error Message
Apr 27, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-24966
MEDIUM
IBM WebSphere Application Server 8.5.0.0-8.5.5.23 - Cross-Site Scripting
Apr 27, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-30444
HIGH
IBM Watson Machine Learning on Cloud Pak for Data 4.0 and 4.5 - Authenticated Server-Side Request Forgery
Apr 27, 2023
CVSS 7.1
EPSS 0.00
CVE-2023-29255
HIGH
IBM DB2 10.5, 11.1, 11.5 - Denial of Service via Anonymous Block Compilation
Apr 27, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-27559
MEDIUM
IBM Db2 10.5, 11.1, 11.5 - Denial of Service via Crafted Subquery
Apr 26, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-29257
HIGH
IBM Db2 10.5, 11.1, 11.5 - Remote Code Execution via Database Administrator Privilege Escalation
Apr 26, 2023
CVSS 7.2
EPSS 0.02
CVE-2023-26286
HIGH
IBM AIX <7.4 - Privilege Escalation
Apr 26, 2023
CVSS 8.4
EPSS 0.00
CVE-2023-27876
HIGH
IBM TRIRIGA 4.0 - XML External Entity Injection
Apr 07, 2023
CVSS 7.1
EPSS 0.01
CVE-2023-27286
HIGH
IBM Aspera Cargo/Connect 4.2.5 - Buffer Overflow
Apr 02, 2023
CVSS 8.4
EPSS 0.01
CVE-2023-27284
HIGH
IBM Aspera Cargo/Connect <4.2.5 - Buffer Overflow
Apr 02, 2023
CVSS 8.4
EPSS 0.01
CVE-2023-26283
MEDIUM
IBM WebSphere Application Server 9.0 - Cross-Site Scripting
Apr 02, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-25924
MEDIUM
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 - Authenticated Incorrect Authorization
Mar 22, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-25688
MEDIUM
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, 4.1.1 - Path Traversal via URL Request
Mar 22, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-25684
MEDIUM
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, 4.1.1 - SQL Injection
Mar 21, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-25923
LOW
IBM Security Guardium Key Lifecycle Manager 3.0-4.1.1 - Unauthenticated File Upload and DoS
Mar 21, 2023
CVSS 2.7
EPSS 0.01
CVE-2023-25686
MEDIUM
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 - Insufficiently Protected Credentials
Mar 21, 2023
CVSS 6.2
EPSS 0.00
CVE-2023-27874
CRITICAL
IBM Aspera Faspex 4.4.2 - Authenticated XML External Entity Injection
Mar 21, 2023
CVSS 9.9
EPSS 0.01
CVE-2023-27873
MEDIUM
IBM Aspera Faspex <4.4.2 - Info Disclosure
Mar 21, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-27871
HIGH
IBM Aspera Faspex < 4.4.2 - SQL Injection
Mar 21, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-25689
LOW
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, 4.1.1 - Path Traversal via URL Request
Mar 21, 2023
CVSS 2.7
EPSS 0.01
CVE-2023-25687
MEDIUM
IBM Security Guardium Key Lifecycle Manager 3.0-4.1.1 Sensitive Info Exposure via Log Files
Mar 21, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-27875
HIGH
IBM Aspera Faspex 5.0.4 - Improper Access Control
Mar 16, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-22591
LOW
IBM Robotic Process Automation 21.0.1-21.0.7 and 23.0.0-23.0.1 - Insufficient Session Expiration
Mar 15, 2023
CVSS 3.9
EPSS 0.00
CVE-2023-25680
MEDIUM
IBM Robotic Process Automation 21.0.1-21.0.5 - Exposure of Sensitive Information in Queue Provider Credentials
Mar 15, 2023
CVSS 4.2
EPSS 0.01
CVE-2023-22876
MEDIUM
IBM Sterling B2B Integrator 6.0.0.0-6.0.3.7 and 6.1.0.0-6.1.2.1 - Authenticated Exposure of Sensitive Information
Mar 15, 2023
CVSS 4.3
EPSS 0.01
Products
websphere_application_server 465
aix 400
db2 339
rational_quality_manager 202
sterling_b2b_integrator 195
qradar_security_information_and_event_manager 190
infosphere_information_server 189
maximo_asset_management 182
rational_doors_next_generation 153
rational_team_concert 142
rational_collaborative_lifecycle_management 141
rational_engineering_lifecycle_manager 141
websphere_portal 126
security_guardium 112
cognos_analytics 104
sterling_file_gateway 93
vios 92
rational_rhapsody_design_manager 90
security_verify_access 90
websphere_mq 89
business_process_manager 88
lotus_domino 86
api_connect 81
rational_software_architect_design_manager 81
lotus_notes 71
security_key_lifecycle_manager 70
db2_universal_database 66
concert 65
smartcloud_control_desk 65
urbancode_deploy 65
Quick Filters