ibm
8,286 tracked vulnerabilities.
CVE-2022-40607
MEDIUM
IBM Spectrum Scale < 5.1.4.0 - Path Traversal via Pod and Persistent Volume Claim
Dec 19, 2022
CVSS 6.8
EPSS 0.01
CVE-2022-34318
MEDIUM
IBM CICS TX 11.1 - Clickjacking via Malicious Website
Dec 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-22488
MEDIUM
IBM Power System AC922 Firmware OP910 < OP910.70 and OP940 < OP940.40 DoS via CA Certificate Upload/Deletion
Dec 12, 2022
CVSS 4.9
EPSS 0.00
CVE-2022-41296
MEDIUM
IBM Db2U 3.5, 4.0, and 4.5 - Cross-Site Request Forgery
Dec 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-41299
MEDIUM
IBM Cloud Transformation Advisor <3.3.1 - XSS
Dec 09, 2022
CVSS 4.4
EPSS 0.00
CVE-2022-43581
HIGH
IBM Content Navigator <3.0.12 - Auth Bypass
Dec 07, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-41735
MEDIUM
IBM Business Process Manager <21.0.3.1,20.0.0.2,19.0.0.3 - XSS
Dec 07, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-43867
HIGH
IBM Spectrum Scale <5.1.4.1 - Command Injection
Dec 06, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-34361
MEDIUM
IBM Sterling Secure Proxy 6.0.3 - Use of a Broken or Risky Cryptographic Algorithm
Dec 06, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-43901
MEDIUM
IBM WebSphere Automation <1.4.3 - Info Disclosure
Dec 01, 2022
CVSS 5.7
EPSS 0.00
CVE-2022-43900
MEDIUM
IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps < 1.4.3 - Unauthenticated Outbound Network Connection
Dec 01, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-41297
MEDIUM
IBM Db2U 3.5-4.5 - Cross-Site Request Forgery
Dec 01, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-41732
MEDIUM
IBM Maximo Mobile <8.9 - Info Disclosure
Nov 28, 2022
CVSS 6.2
EPSS 0.00
CVE-2022-40228
LOW
IBM DataPower Gateway Insufficient Session Expiration
Nov 22, 2022
CVSS 3.7
EPSS 0.00
CVE-2022-40746
HIGH
IBM i Access Client Solutions 1.1.2-1.1.9.0 - Authenticated Arbitrary Code Execution via DLL Hijacking
Nov 21, 2022
CVSS 7.2
EPSS 0.00
CVE-2022-40751
MEDIUM
IBM UrbanCode Deploy Credential Exposure via LDAP Search
Nov 17, 2022
CVSS 4.9
EPSS 0.01
CVE-2022-38390
MEDIUM
IBM Business Automation Workflow - XSS
Nov 17, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-40752
CRITICAL
IBM InfoSphere Information Server 11.7 - Command Injection
Nov 16, 2022
CVSS 9.8
EPSS 0.02
CVE-2022-34354
MEDIUM
IBM Sterling Partner Engagement Manager 2.0 - Info Disclosure
Nov 16, 2022
CVSS 4.0
EPSS 0.00
CVE-2022-40753
MEDIUM
IBM InfoSphere Information Server 11.7 - Stored Cross-Site Scripting
Nov 15, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-38385
HIGH
IBM Cloud Pak for Security <1.10.2.0 - Info Disclosure
Nov 15, 2022
CVSS 7.1
EPSS 0.01
CVE-2022-34320
MEDIUM
IBM CICS TX 11.1 - Use of a Broken or Risky Cryptographic Algorithm
Nov 14, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-34317
MEDIUM
IBM CICS TX 11.1 - Cross-Site Scripting in Web UI
Nov 14, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-34316
LOW
IBM CICS TX 11.1 - Cross-Site Scripting via HTTP Headers
Nov 14, 2022
CVSS 3.7
EPSS 0.01
CVE-2022-34315
MEDIUM
IBM CICS TX 11.1 - Cross-Site Scripting in Web UI
Nov 14, 2022
CVSS 5.4
EPSS 0.00
Products
websphere_application_server 465
aix 400
db2 339
rational_quality_manager 202
sterling_b2b_integrator 195
qradar_security_information_and_event_manager 190
infosphere_information_server 189
maximo_asset_management 182
rational_doors_next_generation 153
rational_team_concert 142
rational_collaborative_lifecycle_management 141
rational_engineering_lifecycle_manager 141
websphere_portal 126
security_guardium 112
cognos_analytics 104
sterling_file_gateway 93
vios 92
rational_rhapsody_design_manager 90
security_verify_access 90
websphere_mq 89
business_process_manager 88
lotus_domino 86
api_connect 81
rational_software_architect_design_manager 81
lotus_notes 71
security_key_lifecycle_manager 70
db2_universal_database 66
concert 65
smartcloud_control_desk 65
urbancode_deploy 65
Quick Filters