ibm
8,286 tracked vulnerabilities.
CVE-2022-34314
MEDIUM
IBM CICS TX 11.1 - Exposure of Sensitive Information via Insecure Permission Settings
Nov 14, 2022
CVSS 4.0
EPSS 0.00
CVE-2022-38705
MEDIUM
IBM CICS TX 11.1 - Reverse Tabnabbing
Nov 14, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-34329
MEDIUM
IBM CICS TX 11.7 - Exposure of Sensitive Information via HTTP Response Headers
Nov 14, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-34319
MEDIUM
IBM CICS TX 11.7 - Use of a Broken or Risky Cryptographic Algorithm
Nov 14, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-34313
MEDIUM
IBM CICS TX 11.1 - Exposure of Sensitive Information via Insecure Cookie Transmission
Nov 14, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34312
MEDIUM
IBM CICS TX 11.1 - Unauthorized Exposure of Sensitive Information via Local Web Page Storage
Nov 14, 2022
CVSS 4.0
EPSS 0.00
CVE-2022-35719
MEDIUM
IBM MQ Internet Pass-Thru <9.2 - Info Disclosure
Nov 14, 2022
CVSS 5.1
EPSS 0.00
CVE-2022-40750
MEDIUM
IBM WebSphere Application Server 8.5 and 9.0 - Cross-Site Scripting
Nov 11, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-38387
HIGH
IBM Cloud Pak for Security (CP4S) <1.10.2.0 - Command Injection
Nov 11, 2022
CVSS 7.1
EPSS 0.01
CVE-2022-36776
MEDIUM
IBM Cloud Pak for Security 1.10.0.0-1.10.2.0 - Cross-Site Scripting
Nov 11, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-31772
MEDIUM
IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, 9.2 LTS - Authenticated Denial of Service via MQTT Channels
Nov 11, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-34331
MEDIUM
IBM PowerVM Hypervisor - Improper Authentication
Nov 11, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-43574
HIGH
IBM Robotic Process Automation <21.0.6 - Privilege Escalation
Nov 03, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-42442
LOW
IBM Robotic Process Automation for Cloud Pak < 21.0.6 - Exposure of Sensitive Information via Tenant Owner Email
Nov 03, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-40747
CRITICAL
IBM InfoSphere Information Server 11.7 - XML External Entity Injection
Nov 03, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-40235
MEDIUM
IBM InfoSphere Information Server 11.7 - Denial of Service via Job Input Validation
Nov 03, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-40230
MEDIUM
IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS - Insufficient Session Expiration
Nov 03, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-38712
MEDIUM
IBM WebSphere Application Server - SOAPAction Spoofing
Nov 03, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-38710
MEDIUM
IBM Robotic Process Automation <21.0.2 - Info Disclosure
Nov 03, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-35717
HIGH
IBM InfoSphere Information Server 11.7 - Command Injection
Nov 03, 2022
CVSS 7.8
EPSS 0.01
CVE-2022-35642
MEDIUM
IBM InfoSphere Information Server 11.7 - XSS
Nov 03, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-35279
MEDIUM
IBM Business Automation Workflow Authenticated Sensitive Information Disclosure
Nov 03, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-34339
MEDIUM
IBM Cognos Analytics 11.1.0-11.1.7 - Authenticated Cleartext Storage of Sensitive Information
Nov 03, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-30615
MEDIUM
IBM InfoSphere Information Server 11.7 - Stored Cross-Site Scripting
Nov 03, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-30608
HIGH
IBM InfoSphere Information Server 11.7 - Cross-Site Request Forgery
Nov 03, 2022
CVSS 8.8
EPSS 0.00
Products
websphere_application_server 465
aix 400
db2 339
rational_quality_manager 202
sterling_b2b_integrator 195
qradar_security_information_and_event_manager 190
infosphere_information_server 189
maximo_asset_management 182
rational_doors_next_generation 153
rational_team_concert 142
rational_collaborative_lifecycle_management 141
rational_engineering_lifecycle_manager 141
websphere_portal 126
security_guardium 112
cognos_analytics 104
sterling_file_gateway 93
vios 92
rational_rhapsody_design_manager 90
security_verify_access 90
websphere_mq 89
business_process_manager 88
lotus_domino 86
api_connect 81
rational_software_architect_design_manager 81
lotus_notes 71
security_key_lifecycle_manager 70
db2_universal_database 66
concert 65
smartcloud_control_desk 65
urbancode_deploy 65
Quick Filters