ibm

8,202 tracked vulnerabilities.

CVE-2022-22314 LOW
IBM Planning Analytics Local 2.0 - Info Disclosure
Sep 08, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-36773 HIGH
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 - XML External Entity Injection
Sep 01, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-30614 HIGH
IBM Cognos Analytics 11.1.7, 11.2.0, 11.2.1 - Denial of Service via Email Flooding
Sep 01, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-35714 MEDIUM
IBM Maximo Asset Management 7.6.1 - Stored Cross-Site Scripting
Aug 26, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-31773 HIGH
IBM DataPower Gateway 10.0.1-10.5.0 - Cross-Site Request Forgery
Aug 26, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-22489 CRITICAL
IBM MQ 8.0 and 9.0-9.2 - XML External Entity Information Disclosure
Aug 19, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-22455 CRITICAL
IBM Security Verify Governance Identity Manager 10.0 - Privilege Es...
Aug 17, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-35715 HIGH
IBM InfoSphere Information Server 11.7 - Info Disclosure
Aug 10, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-35280 CRITICAL
IBM Robotic Process Automation <21.0.3 - Info Disclosure
Aug 10, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-22490 MEDIUM
IBM Robotic Process Automation <21.0.3 - Info Disclosure
Aug 10, 2022
CVSS 4.9
EPSS 0.00
CVE-2022-22411 MEDIUM
IBM Spectrum Scale DAS <5.1.3.1 - Code Injection
Aug 10, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-22369 HIGH
IBM Workload Scheduler <9.5 - Local Privilege Escalation
Aug 10, 2022
CVSS 7.1
EPSS 0.00
CVE-2022-34307 MEDIUM
IBM CICS TX 11.1 - Missing Encryption of Sensitive Data in Session Cookies
Aug 01, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-34164 MEDIUM
IBM CICS TX 11.1 - Privilege Escalation
Aug 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-34163 MEDIUM
IBM CICS TX 11.1 - HTTP Header Injection
Aug 01, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-34162 MEDIUM
IBM CICS TX 11.1 - Clickjacking via Malicious Website
Aug 01, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-34161 HIGH
IBM CICS TX 11.1 - Cross-Site Request Forgery
Aug 01, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-33955 MEDIUM
IBM CICS TX 11.1 - OS Command Injection via Back and Refresh Attack
Aug 01, 2022
CVSS 6.8
EPSS 0.00
CVE-2022-35716 MEDIUM
IBM UrbanCode Deploy <7.2.3.0 - Info Disclosure
Aug 01, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-34338 MEDIUM
IBM Robotic Process Automation 21.0.0-21.0.2 - Sensitive Information Disclosure
Aug 01, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-33169 MEDIUM
IBM Robotic Process Automation <21.0.3 - Info Disclosure
Aug 01, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-32750 MEDIUM
IBM DataPower Gateway Stored XSS in Web UI
Aug 01, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-31776 HIGH
IBM DataPower Gateway SSRF (10.0.1.0-10.0.1.8, 10.0.2.0-10.0.4.0, 10.5.0.0, 2018.4.1.0-2018.4.1.21)
Aug 01, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-31775 CRITICAL
IBM DataPower Gateway XML External Entity Injection
Aug 01, 2022
CVSS 9.1
EPSS 0.00
CVE-2022-31774 MEDIUM
IBM DataPower Gateway Stored XSS in Web UI
Aug 01, 2022
CVSS 5.4
EPSS 0.00
Products
websphere_application_server 445 aix 393 db2 328 rational_quality_manager 202 sterling_b2b_integrator 195 infosphere_information_server 188 qradar_security_information_and_event_manager 187 maximo_asset_management 182 rational_doors_next_generation 153 rational_team_concert 142 rational_collaborative_lifecycle_management 141 rational_engineering_lifecycle_manager 141 websphere_portal 126 security_guardium 112 cognos_analytics 102 sterling_file_gateway 93 rational_rhapsody_design_manager 90 security_verify_access 90 websphere_mq 89 business_process_manager 88 lotus_domino 86 vios 85 rational_software_architect_design_manager 81 api_connect 79 lotus_notes 71 security_key_lifecycle_manager 70 db2_universal_database 66 concert 65 smartcloud_control_desk 65 urbancode_deploy 63
Quick Filters
Critical CVEs With Exploits In CISA KEV