ibm
8,286 tracked vulnerabilities.
CVE-2021-39028
MEDIUM
IBM Engineering Lifecycle Optimization - Publishing HTTP Header Injection via HOST Header
Jul 14, 2022
CVSS 5.4
EPSS 0.01
CVE-2021-39019
MEDIUM
IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, 7.0.2 - Sensitive Information Exposure
Jul 14, 2022
CVSS 6.5
EPSS 0.01
CVE-2021-39018
MEDIUM
IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, 7.0.2 - Sensitive Information Disclosure
Jul 14, 2022
CVSS 4.3
EPSS 0.01
CVE-2021-39017
MEDIUM
IBM Engineering Lifecycle Optimization - Publishing <7.0.2 - RCE
Jul 14, 2022
CVSS 6.5
EPSS 0.01
CVE-2021-39016
MEDIUM
IBM Engineering Lifecycle Optimization - Publishing <7.0.2 - DoS
Jul 14, 2022
CVSS 4.3
EPSS 0.01
CVE-2021-39015
MEDIUM
IBM Engineering Lifecycle Optimization - Publishing 7.0, 7.0.1, and 7.0.2 - Cross-Site Scripting
Jul 14, 2022
CVSS 5.4
EPSS 0.00
CVE-2021-39041
MEDIUM
IBM QRadar SIEM 7.3-7.5 - Partial Denial of Service
Jul 12, 2022
CVSS 5.3
EPSS 0.01
CVE-2021-38954
MEDIUM
IBM Sterling B2B Integrator <6.1.1.0 - Info Disclosure
Jun 30, 2022
CVSS 4.3
EPSS 0.01
CVE-2021-38941
HIGH
IBM CloudPak for Multicloud Monitoring <2.4 - Info Disclosure
Jun 30, 2022
CVSS 8.1
EPSS 0.01
CVE-2021-39074
MEDIUM
IBM Security Guardium 11.4 - Stored Cross-Site Scripting in Web UI
Jun 29, 2022
CVSS 6.1
EPSS 0.01
CVE-2021-38879
MEDIUM
IBM Jazz Team Server <7.0.2 - Info Disclosure
Jun 24, 2022
CVSS 5.3
EPSS 0.01
CVE-2021-38871
MEDIUM
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, 7.0.2 - Cross-Site Scripting
Jun 24, 2022
CVSS 5.4
EPSS 0.00
CVE-2021-29865
MEDIUM
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, 7.0.2 - Clickjacking
Jun 24, 2022
CVSS 5.4
EPSS 0.01
CVE-2021-20551
LOW
IBM Jazz Team Server - Info Disclosure
Jun 24, 2022
CVSS 3.3
EPSS 0.00
CVE-2021-20544
MEDIUM
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, 7.0.2 - Authenticated Server-Side Request Forgery
Jun 24, 2022
CVSS 4.3
EPSS 0.00
CVE-2021-20543
MEDIUM
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, 7.0.2 - HTML Injection
Jun 24, 2022
CVSS 5.4
EPSS 0.01
CVE-2021-20421
MEDIUM
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, 7.0.2 - Authenticated Server-Side Request Forgery
Jun 24, 2022
CVSS 4.3
EPSS 0.00
CVE-2021-20355
MEDIUM
IBM Jazz Team Server <7.0.3 - Info Disclosure
Jun 24, 2022
CVSS 5.3
EPSS 0.01
CVE-2021-39047
MEDIUM
IBM Cognos Analytics 11.1.0-11.1.7 and 11.2.0-11.2.1 - Cross-Site Scripting
Jun 24, 2022
CVSS 6.1
EPSS 0.01
CVE-2021-38945
CRITICAL
IBM Cognos Analytics 11.1.0-11.1.7 - Unrestricted Upload of File with Dangerous Type
Jun 24, 2022
CVSS 9.8
EPSS 0.02
CVE-2021-29768
MEDIUM
IBM Cognos Analytics <11.2.1 - Info Disclosure
Jun 24, 2022
CVSS 6.5
EPSS 0.01
CVE-2021-39006
MEDIUM
IBM QRadar WinCollect Agent <10.0.1 - Info Disclosure
Jun 21, 2022
CVSS 5.3
EPSS 0.01
CVE-2021-39043
MEDIUM
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, 7.0.2 - Stored Cross-Site Scripting
May 20, 2022
CVSS 5.4
EPSS 0.00
CVE-2021-38944
MEDIUM
IBM DataPower Gateway <10.0.2.0 - HTTP Header Injection
May 18, 2022
CVSS 6.1
EPSS 0.01
CVE-2021-38872
HIGH
IBM DataPower Gateway <10.0.2.0 - DoS
May 17, 2022
CVSS 7.5
EPSS 0.01
Products
websphere_application_server 465
aix 400
db2 339
rational_quality_manager 202
sterling_b2b_integrator 195
qradar_security_information_and_event_manager 190
infosphere_information_server 189
maximo_asset_management 182
rational_doors_next_generation 153
rational_team_concert 142
rational_collaborative_lifecycle_management 141
rational_engineering_lifecycle_manager 141
websphere_portal 126
security_guardium 112
cognos_analytics 104
sterling_file_gateway 93
vios 92
rational_rhapsody_design_manager 90
security_verify_access 90
websphere_mq 89
business_process_manager 88
lotus_domino 86
api_connect 81
rational_software_architect_design_manager 81
lotus_notes 71
security_key_lifecycle_manager 70
db2_universal_database 66
concert 65
smartcloud_control_desk 65
urbancode_deploy 65
Quick Filters