ibm
8,286 tracked vulnerabilities.
CVE-2022-40234
MEDIUM
IBM Spectrum Protect Plus < 10.1.12 - Private Key Exposure in TLS Certificate Upload
Sep 19, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-36768
HIGH
IBM AIX <7.4 - Privilege Escalation
Sep 13, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-35637
MEDIUM
IBM Db2 9.7, 10.1, 10.5, 11.1, 11.5 - Denial of Service via Malformed SQL Statement in Db2expln Tool
Sep 13, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-34356
HIGH
IBM AIX <7.4 - Privilege Escalation
Sep 13, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-34336
MEDIUM
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 - Cross-Site Scripting
Sep 13, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-22483
MEDIUM
IBM Db2 9.7, 10.1, 10.5, 11.1, 11.5 - Unauthorized Information Disclosure via CREATE OR REPLACE Command
Sep 13, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22330
MEDIUM
IBM Control Desk 7.6.1 - Info Disclosure
Sep 13, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-22329
MEDIUM
IBM Control Desk 7.6.1 - Open Redirect
Sep 13, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34165
MEDIUM
IBM WebSphere Application Server <22.0.0.9 - HTTP Header Injection
Sep 09, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-22314
LOW
IBM Planning Analytics Local 2.0 - Info Disclosure
Sep 08, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-36773
HIGH
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 - XML External Entity Injection
Sep 01, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-30614
HIGH
IBM Cognos Analytics 11.1.7, 11.2.0, 11.2.1 - Denial of Service via Email Flooding
Sep 01, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-35714
MEDIUM
IBM Maximo Asset Management 7.6.1 - Stored Cross-Site Scripting
Aug 26, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-31773
HIGH
IBM DataPower Gateway 10.0.1-10.5.0 - Cross-Site Request Forgery
Aug 26, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-22489
CRITICAL
IBM MQ 8.0 and 9.0-9.2 - XML External Entity Information Disclosure
Aug 19, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-22455
CRITICAL
IBM Security Verify Governance Identity Manager 10.0 - Privilege Es...
Aug 17, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-35715
HIGH
IBM InfoSphere Information Server 11.7 - Info Disclosure
Aug 10, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-35280
CRITICAL
IBM Robotic Process Automation <21.0.3 - Info Disclosure
Aug 10, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-22490
MEDIUM
IBM Robotic Process Automation <21.0.3 - Info Disclosure
Aug 10, 2022
CVSS 4.9
EPSS 0.01
CVE-2022-22411
MEDIUM
IBM Spectrum Scale DAS <5.1.3.1 - Code Injection
Aug 10, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22369
HIGH
IBM Workload Scheduler <9.5 - Local Privilege Escalation
Aug 10, 2022
CVSS 7.1
EPSS 0.00
CVE-2022-34307
MEDIUM
IBM CICS TX 11.1 - Missing Encryption of Sensitive Data in Session Cookies
Aug 01, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-34164
MEDIUM
IBM CICS TX 11.1 - Privilege Escalation
Aug 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-34163
MEDIUM
IBM CICS TX 11.1 - HTTP Header Injection
Aug 01, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-34162
MEDIUM
IBM CICS TX 11.1 - Clickjacking via Malicious Website
Aug 01, 2022
CVSS 6.1
EPSS 0.01
Products
websphere_application_server 465
aix 400
db2 339
rational_quality_manager 202
sterling_b2b_integrator 195
qradar_security_information_and_event_manager 190
infosphere_information_server 189
maximo_asset_management 182
rational_doors_next_generation 153
rational_team_concert 142
rational_collaborative_lifecycle_management 141
rational_engineering_lifecycle_manager 141
websphere_portal 126
security_guardium 112
cognos_analytics 104
sterling_file_gateway 93
vios 92
rational_rhapsody_design_manager 90
security_verify_access 90
websphere_mq 89
business_process_manager 88
lotus_domino 86
api_connect 81
rational_software_architect_design_manager 81
lotus_notes 71
security_key_lifecycle_manager 70
db2_universal_database 66
concert 65
smartcloud_control_desk 65
urbancode_deploy 65
Quick Filters