ibm

8,286 tracked vulnerabilities.

CVE-2022-40607 MEDIUM
IBM Spectrum Scale < 5.1.4.0 - Path Traversal via Pod and Persistent Volume Claim
Dec 19, 2022
CVSS 6.8
EPSS 0.01
CVE-2022-34318 MEDIUM
IBM CICS TX 11.1 - Clickjacking via Malicious Website
Dec 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-22488 MEDIUM
IBM Power System AC922 Firmware OP910 < OP910.70 and OP940 < OP940.40 DoS via CA Certificate Upload/Deletion
Dec 12, 2022
CVSS 4.9
EPSS 0.00
CVE-2022-41296 MEDIUM
IBM Db2U 3.5, 4.0, and 4.5 - Cross-Site Request Forgery
Dec 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-41299 MEDIUM
IBM Cloud Transformation Advisor <3.3.1 - XSS
Dec 09, 2022
CVSS 4.4
EPSS 0.00
CVE-2022-43581 HIGH
IBM Content Navigator <3.0.12 - Auth Bypass
Dec 07, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-41735 MEDIUM
IBM Business Process Manager <21.0.3.1,20.0.0.2,19.0.0.3 - XSS
Dec 07, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-43867 HIGH
IBM Spectrum Scale <5.1.4.1 - Command Injection
Dec 06, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-34361 MEDIUM
IBM Sterling Secure Proxy 6.0.3 - Use of a Broken or Risky Cryptographic Algorithm
Dec 06, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-43901 MEDIUM
IBM WebSphere Automation <1.4.3 - Info Disclosure
Dec 01, 2022
CVSS 5.7
EPSS 0.00
CVE-2022-43900 MEDIUM
IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps < 1.4.3 - Unauthenticated Outbound Network Connection
Dec 01, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-41297 MEDIUM
IBM Db2U 3.5-4.5 - Cross-Site Request Forgery
Dec 01, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-41732 MEDIUM
IBM Maximo Mobile <8.9 - Info Disclosure
Nov 28, 2022
CVSS 6.2
EPSS 0.00
CVE-2022-40228 LOW
IBM DataPower Gateway Insufficient Session Expiration
Nov 22, 2022
CVSS 3.7
EPSS 0.00
CVE-2022-40746 HIGH
IBM i Access Client Solutions 1.1.2-1.1.9.0 - Authenticated Arbitrary Code Execution via DLL Hijacking
Nov 21, 2022
CVSS 7.2
EPSS 0.00
CVE-2022-40751 MEDIUM
IBM UrbanCode Deploy Credential Exposure via LDAP Search
Nov 17, 2022
CVSS 4.9
EPSS 0.01
CVE-2022-38390 MEDIUM
IBM Business Automation Workflow - XSS
Nov 17, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-40752 CRITICAL
IBM InfoSphere Information Server 11.7 - Command Injection
Nov 16, 2022
CVSS 9.8
EPSS 0.02
CVE-2022-34354 MEDIUM
IBM Sterling Partner Engagement Manager 2.0 - Info Disclosure
Nov 16, 2022
CVSS 4.0
EPSS 0.00
CVE-2022-40753 MEDIUM
IBM InfoSphere Information Server 11.7 - Stored Cross-Site Scripting
Nov 15, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-38385 HIGH
IBM Cloud Pak for Security <1.10.2.0 - Info Disclosure
Nov 15, 2022
CVSS 7.1
EPSS 0.01
CVE-2022-34320 MEDIUM
IBM CICS TX 11.1 - Use of a Broken or Risky Cryptographic Algorithm
Nov 14, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-34317 MEDIUM
IBM CICS TX 11.1 - Cross-Site Scripting in Web UI
Nov 14, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-34316 LOW
IBM CICS TX 11.1 - Cross-Site Scripting via HTTP Headers
Nov 14, 2022
CVSS 3.7
EPSS 0.01
CVE-2022-34315 MEDIUM
IBM CICS TX 11.1 - Cross-Site Scripting in Web UI
Nov 14, 2022
CVSS 5.4
EPSS 0.00