ibm
8,286 tracked vulnerabilities.
CVE-2021-38990
HIGH
IBM AIX 7.1, 7.2 and VIOS 3.1 - Local Code Execution via Mount Command
Jan 10, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-38957
HIGH
IBM Security Verify <10.0.2.0 - Info Disclosure
Jan 10, 2022
CVSS 7.5
EPSS 0.01
CVE-2021-38956
MEDIUM
IBM Security Verify <10.0.2.0 - Info Disclosure
Jan 10, 2022
CVSS 5.3
EPSS 0.01
CVE-2021-38921
HIGH
IBM Security Verify <10.0.3 - Info Disclosure
Jan 10, 2022
CVSS 7.5
EPSS 0.01
CVE-2021-38895
MEDIUM
IBM Security Verify <10.0.2.0 - XSS
Jan 10, 2022
CVSS 5.4
EPSS 0.00
CVE-2021-38894
LOW
IBM Security Verify <10.0.3 - Info Disclosure
Jan 10, 2022
CVSS 2.7
EPSS 0.01
CVE-2021-38918
HIGH
IBM PowerVM Hypervisor - Privilege Escalation
Jan 05, 2022
CVSS 7.5
EPSS 0.01
CVE-2021-38876
MEDIUM
IBM i 7.2-7.4 - Cross-Site Scripting in Web UI
Dec 30, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-38961
MEDIUM
IBM Power System AC922 Firmware - Stored Cross-Site Scripting in Web UI
Dec 27, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-39013
MEDIUM
IBM Cloud Pak for Security <1.7.2.0 - Info Disclosure
Dec 22, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-38966
MEDIUM
IBM Cloud Pak for Automation 21.0.2 - XSS
Dec 21, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-38900
MEDIUM
IBM BPM 8.5-8.6 & BAW 18.0-21.0 - Authenticated Info Disclosure via Improper Access Controls
Dec 21, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-38893
MEDIUM
IBM Business Process Manager 8.5-8.6 and Business Automation Workflow 18.0-21.0 - Stored Cross-Site Scripting
Dec 21, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-38883
MEDIUM
IBM Business Automation Workflow <21.0 - XSS
Dec 17, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-29847
MEDIUM
IBM Power System S821LC Server (8001-12C) OP825.50 - Info Disclosure
Dec 15, 2021
CVSS 5.9
EPSS 0.01
CVE-2021-38950
HIGH
IBM MQ on HPE NonStop <8.1.0 - Privilege Escalation
Dec 14, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-39063
CRITICAL
IBM Spectrum Protect Plus 10.1.0-10.1.8.x - Origin Validation Error via CORS Misconfiguration
Dec 13, 2021
CVSS 9.1
EPSS 0.01
CVE-2021-39057
HIGH
IBM Spectrum Protect Plus 10.1.0-10.1.8.x - Authenticated Server-Side Request Forgery
Dec 13, 2021
CVSS 8.1
EPSS 0.00
CVE-2021-39050
HIGH
IBM i2 Analyst's Notebook 9.2.0-9.2.2 - Stack-Based Buffer Overflow
Dec 13, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-39049
HIGH
IBM i2 Analyst's Notebook 9.2.0-9.2.2 - Stack-Based Buffer Overflow
Dec 13, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-39048
MEDIUM
IBM Spectrum Protect Client 7.1 and 8.1 - Stack-Based Buffer Overflow
Dec 13, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-38901
MEDIUM
IBM Spectrum Protect Operations Center 7.1 - Info Disclosure
Dec 13, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-39065
CRITICAL
IBM Spectrum Copy Data Management < 2.2.13 - Remote Code Execution via Admin Console Upload Certificate Function
Dec 13, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-39064
HIGH
IBM Spectrum Copy Data Management <= 2.2.13 - Improper Authentication via Default Credentials
Dec 13, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-39058
HIGH
IBM Spectrum Copy Data Management < 2.2.13 - Use of a Broken or Risky Cryptographic Algorithm
Dec 13, 2021
CVSS 7.5
EPSS 0.01
Products
websphere_application_server 465
aix 400
db2 339
rational_quality_manager 202
sterling_b2b_integrator 195
qradar_security_information_and_event_manager 190
infosphere_information_server 189
maximo_asset_management 182
rational_doors_next_generation 153
rational_team_concert 142
rational_collaborative_lifecycle_management 141
rational_engineering_lifecycle_manager 141
websphere_portal 126
security_guardium 112
cognos_analytics 104
sterling_file_gateway 93
vios 92
rational_rhapsody_design_manager 90
security_verify_access 90
websphere_mq 89
business_process_manager 88
lotus_domino 86
api_connect 81
rational_software_architect_design_manager 81
lotus_notes 71
security_key_lifecycle_manager 70
db2_universal_database 66
concert 65
smartcloud_control_desk 65
urbancode_deploy 65
Quick Filters