ibm

8,153 tracked vulnerabilities.

CVE-2025-13491 MEDIUM
IBM App Connect Enterprise <12.19.0-12.0 - Info Disclosure
Feb 05, 2026
CVSS 5.1
EPSS 0.00
CVE-2025-13379 HIGH
IBM Aspera Console 3.4.0-3.4.8 - SQL Injection
Feb 05, 2026
CVSS 8.6
EPSS 0.00
CVE-2025-2134 LOW
IBM Jazz Reporting Service - Authenticated Denial of Service via Complicated Queries
Feb 04, 2026
CVSS 3.5
EPSS 0.00
CVE-2025-27550 LOW
IBM Jazz Reporting Service - Info Disclosure
Feb 04, 2026
CVSS 3.5
EPSS 0.00
CVE-2025-1823 LOW
IBM Jazz Reporting Service - Authenticated Denial of Service via SQL Query Memory Exhaustion
Feb 04, 2026
CVSS 3.5
EPSS 0.00
CVE-2025-13375 CRITICAL
IBM CCA 7.5.52-8.4.82 - Privilege Escalation
Feb 04, 2026
CVSS 9.8
EPSS 0.00
CVE-2025-36094 MEDIUM
IBM Cloud Pak for Business Automation <25.0.0-24.0.1 - DoS
Feb 03, 2026
CVSS 5.4
EPSS 0.00
CVE-2025-36033 MEDIUM
IBM Engineering Lifecycle Management - XSS
Feb 03, 2026
CVSS 5.4
EPSS 0.00
CVE-2025-33081 LOW
IBM Concert <2.1.0 - Info Disclosure
Feb 03, 2026
CVSS 3.3
EPSS 0.00
CVE-2025-36436 MEDIUM
IBM Cloud Pak for Business Automation <25.0.0-24.0.1 - XSS
Feb 02, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-36253 MEDIUM
IBM Concert <2.1.0 - Info Disclosure
Feb 02, 2026
CVSS 5.9
EPSS 0.00
CVE-2025-36238 MEDIUM
IBM PowerVM Hypervisor - Info Disclosure
Feb 02, 2026
CVSS 6.0
EPSS 0.00
CVE-2025-36194 LOW
IBM PowerVM Hypervisor - Info Disclosure
Feb 02, 2026
CVSS 2.8
EPSS 0.00
CVE-2025-13096 HIGH
IBM Business Automation Workflow < 24.0.0 - XML External Entity Injection
Feb 02, 2026
CVSS 7.1
EPSS 0.00
CVE-2025-15395 MEDIUM
IBM Jazz Foundation 7.0.3-7.0.3 iFix019 and 7.1.0-7.1.0 iFix005 - Incorrect Authorization
Feb 02, 2026
CVSS 4.3
EPSS 0.00
CVE-2025-14914 HIGH
IBM WebSphere Liberty 17.0.0.3-26.0.0.1 Path Traversal & Arbitrary File Write via Zip Upload
Feb 02, 2026
CVSS 7.6
EPSS 0.00
CVE-2025-36442 MEDIUM
IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.3 - Denial of Service via Crafted Query with XML Columns
Jan 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-36428 MEDIUM
IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.3 - Authenticated Denial of Service via RPSCAN Feature
Jan 30, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-36427 MEDIUM
IBM Db2 11.5.0-11.5.8 - Denial of Service via Insufficient Data Query Validation
Jan 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-36424 MEDIUM
IBM Db2 11.5.0-11.5.8 - Denial of Service via Improper Data Query Logic Neutralization
Jan 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-36423 MEDIUM
IBM Db2 12.1.0-12.1.3 - Denial of Service via Data Query Logic
Jan 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-36407 MEDIUM
IBM Db2 11.5.0-11.5.8 - Denial of Service via ALTER TABLE Query
Jan 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-36387 MEDIUM
IBM Db2 11.5.0-11.5.9 - Authenticated Denial of Service via Crafted Query
Jan 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-36384 HIGH
IBM Db2 for Windows <12.1.3 - Privilege Escalation
Jan 30, 2026
CVSS 8.4
EPSS 0.00
CVE-2025-36366 MEDIUM
IBM Db2 11.5.0-11.5.8 - Denial of Service via JSON_Object Scalar Function
Jan 30, 2026
CVSS 6.5
EPSS 0.00
Products
websphere_application_server 444 aix 393 db2 327 rational_quality_manager 202 sterling_b2b_integrator 195 infosphere_information_server 188 qradar_security_information_and_event_manager 187 maximo_asset_management 182 rational_doors_next_generation 153 rational_team_concert 142 rational_collaborative_lifecycle_management 141 rational_engineering_lifecycle_manager 141 websphere_portal 126 security_guardium 112 cognos_analytics 102 sterling_file_gateway 93 rational_rhapsody_design_manager 90 security_verify_access 90 websphere_mq 89 business_process_manager 88 lotus_domino 86 vios 85 rational_software_architect_design_manager 81 api_connect 79 lotus_notes 71 security_key_lifecycle_manager 70 db2_universal_database 66 concert 65 smartcloud_control_desk 65 urbancode_deploy 63
Quick Filters
Critical CVEs With Exploits In CISA KEV