| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-13925 | Multiple vulnerabilities in IBM Aspera Console | IBM | Aspera Console | Medium | 4.9 | 2026-01-20 14:56:31 | Deep Dive |
| CVE-2025-12985 | License Service: Privilege escalation vulnerability | IBM | IBM Licensing Operator | High | 8.4 | 2026-01-20 14:50:52 | Deep Dive |
| CVE-2025-64645 | Multiple Vulnerabilities in IBM Concert Software. | IBM | Concert | High | 7.7 | 2025-12-26 14:24:58 | Deep Dive |
| CVE-2025-36230 | XSS in IBM Aspera Faspex | IBM | Aspera Faspex 5 | Medium | 5.4 | 2025-12-26 14:22:46 | Deep Dive |
| CVE-2025-36229 | Exposure of Sensitive System Information to an Unauthorized Control Sphere in IBM Aspera Faspex | IBM | Aspera Faspex 5 | Low | 3.1 | 2025-12-26 14:15:03 | Deep Dive |
| CVE-2025-36228 | Incorrect Execution-Assigned Permissions in IBM Aspera Faspex | IBM | Aspera Faspex 5 | Low | 3.8 | 2025-12-26 14:11:45 | Deep Dive |
| CVE-2025-36192 | Missing Authorization with the DS8900F and DS8A00 Hardware Management Console | IBM | DS8A00( R10.1) | Medium | 6.7 | 2025-12-26 13:58:52 | Deep Dive |
| CVE-2025-14687 | Client-Side Enforcement of Server-Side Security in IBM Db2 Intelligence Center | IBM | Db2 Intelligence Center | Medium | 4.3 | 2025-12-26 13:21:33 | Deep Dive |
| CVE-2025-13915 | Authentication bypass in IBM API Connect | IBM | API Connect | Critical | 9.8 | 2025-12-26 13:16:25 | Deep Dive |
| CVE-2025-12771 | IBM Concert Software Improper Restriction of Operations within the Bounds of a Memory Buffer. | IBM | Concert | High | 7.8 | 2025-12-26 13:01:23 | Deep Dive |
| CVE-2025-1721 | BM Concert Software Improper Clearing of Heap Memory Before Release. | IBM | Concert | Medium | 5.9 | 2025-12-26 12:55:56 | Deep Dive |
| CVE-2025-36154 | IBM Concert Software Cleartext Storage in a File or on Disk. | IBM | Concert | Medium | 6.2 | 2025-12-24 19:01:48 | Deep Dive |
| CVE-2025-13489 | IBM DevOps Deploy is susceptible to a Cleartext Transmission of Sensitive Information | IBM | UCD - IBM DevOps Deploy | Medium | 5.9 | 2025-12-15 19:51:14 | Deep Dive |
| CVE-2025-14148 | IBM DevOps Deploy is susceptible to a Insufficiently Protected Credentials vulnerability | IBM | UCD - IBM DevOps Deploy | Medium | 6.5 | 2025-12-15 19:43:08 | Deep Dive |
| CVE-2025-36360 | IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to an Insufficient Session Expiration vulnerability | IBM | UCD - IBM UrbanCode Deploy | Medium | 5.0 | 2025-12-15 19:38:58 | Deep Dive |
| CVE-2025-13214 | IBM Aspera Orchestrator SQL Injection | IBM | Aspera Orchestrator | High | 7.6 | 2025-12-11 19:49:09 | Deep Dive |
| CVE-2025-13148 | IBM Aspera Orchestrator Unverified Password Change | IBM | Aspera Orchestrator | High | 8.1 | 2025-12-11 19:48:19 | Deep Dive |
| CVE-2025-13481 | IBM Aspera Orchestrator Command Injection | IBM | Aspera Orchestrator | High | 8.8 | 2025-12-11 19:47:10 | Deep Dive |
| CVE-2025-13211 | IBM Aspera Orchestrator Denial of Service | IBM | Aspera Orchestrator | Medium | 5.3 | 2025-12-11 19:45:46 | Deep Dive |
| CVE-2025-36437 | IBM Planning Analytics Local is vulnerable to disclosing sensitive information | IBM | IBM Planning Analytics Local | Medium | 4.3 | 2025-12-09 22:04:15 | Deep Dive |