ibm

8,202 tracked vulnerabilities.

CVE-2022-22480 HIGH
IBM QRadar SIEM <7.5 - Info Disclosure
Oct 07, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-41294 MEDIUM
IBM Robotic Process Automation <21.0.5 - SSRF
Oct 06, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-38709 MEDIUM
IBM Robotic Process Automation <21.0.3 - XSS
Oct 06, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-36774 MEDIUM
IBM Robotic Process Automation <21.0.3 - Man In The Middle
Oct 06, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-22503 MEDIUM
IBM Robotic Process Automation 21.0.0 - CSRF
Oct 06, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-39168 HIGH
IBM Robotic Process Automation - Credential Exposure in Upgrade Logs
Sep 29, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-36771 MEDIUM
IBM QRadar User Behavior Analytics < 4.1.9 - Authenticated Sensitive Information Disclosure
Sep 28, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-35722 MEDIUM
IBM Jazz for Service Management < 1.1.3.16 - Stored Cross-Site Scripting
Sep 28, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-35282 MEDIUM
IBM WebSphere Application Server 7.0.0.0-7.0.0.44 - Server-Side Request Forgery
Sep 28, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-22387 MEDIUM
IBM Application Gateway - Stored Cross-Site Scripting in Web UI
Sep 28, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-40748 MEDIUM
IBM InfoSphere Information Server 11.7 - Cross-Site Scripting
Sep 23, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-35721 MEDIUM
IBM Jazz for Service Management 1.1.3 - XSS
Sep 23, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-34348 HIGH
IBM Sterling Partner Engagement Manager 2.0-6.1.2.6 - XML External Entity Injection
Sep 23, 2022
CVSS 7.1
EPSS 0.00
CVE-2022-22423 MEDIUM
IBM Common Cryptographic Architecture 5.0.0-5.7.11 and 7.0.0-7.3.43 - Denial of Service via Improper Input Validation
Sep 23, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-40616 HIGH
IBM Maximo Asset Management 7.6.1.1-7.6.1.3 - Authentication Bypass
Sep 21, 2022
CVSS 8.1
EPSS 0.00
CVE-2022-40608 HIGH
IBM Spectrum Protect Plus 10.1.6-10.1.11 - Path Traversal via Microsoft File Systems Restore URL
Sep 19, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-40234 MEDIUM
IBM Spectrum Protect Plus < 10.1.12 - Private Key Exposure in TLS Certificate Upload
Sep 19, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-36768 HIGH
IBM AIX <7.4 - Privilege Escalation
Sep 13, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-35637 MEDIUM
IBM Db2 9.7, 10.1, 10.5, 11.1, 11.5 - Denial of Service via Malformed SQL Statement in Db2expln Tool
Sep 13, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34356 HIGH
IBM AIX <7.4 - Privilege Escalation
Sep 13, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-34336 MEDIUM
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 - Cross-Site Scripting
Sep 13, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-22483 MEDIUM
IBM Db2 9.7, 10.1, 10.5, 11.1, 11.5 - Unauthorized Information Disclosure via CREATE OR REPLACE Command
Sep 13, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-22330 MEDIUM
IBM Control Desk 7.6.1 - Info Disclosure
Sep 13, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-22329 MEDIUM
IBM Control Desk 7.6.1 - Open Redirect
Sep 13, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-34165 MEDIUM
IBM WebSphere Application Server <22.0.0.9 - HTTP Header Injection
Sep 09, 2022
CVSS 5.4
EPSS 0.00
Products
websphere_application_server 445 aix 393 db2 328 rational_quality_manager 202 sterling_b2b_integrator 195 infosphere_information_server 188 qradar_security_information_and_event_manager 187 maximo_asset_management 182 rational_doors_next_generation 153 rational_team_concert 142 rational_collaborative_lifecycle_management 141 rational_engineering_lifecycle_manager 141 websphere_portal 126 security_guardium 112 cognos_analytics 102 sterling_file_gateway 93 rational_rhapsody_design_manager 90 security_verify_access 90 websphere_mq 89 business_process_manager 88 lotus_domino 86 vios 85 rational_software_architect_design_manager 81 api_connect 79 lotus_notes 71 security_key_lifecycle_manager 70 db2_universal_database 66 concert 65 smartcloud_control_desk 65 urbancode_deploy 63
Quick Filters
Critical CVEs With Exploits In CISA KEV