| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-36135 | IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable to Cross-Site Scripting | IBM | Sterling B2B Integrator | Medium | 5.4 | 2025-11-07 18:26:58 | Deep Dive |
| CVE-2024-47118 | IBM Db2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query | IBM | Db2 | Medium | 6.5 | 2025-11-07 18:23:08 | Deep Dive |
| CVE-2025-33110 | IBM OpenPages Vulnerable to HTML Injection | IBM | OpenPages | Medium | 5.4 | 2025-11-06 20:43:17 | Deep Dive |
| CVE-2025-36054 | Cross-site scripting vulnerability affect IBM Business Automation Workflow Process Federation Server - | IBM | Business Automation Workflow containers | Medium | 6.1 | 2025-11-06 14:11:49 | Deep Dive |
| CVE-2025-36172 | Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for 24.0.0-IF007, 24.0.1-IF005 and 25.0.0-IF002 | IBM | Cloud Pak for Business Automation | Medium | 6.4 | 2025-11-03 21:18:09 | Deep Dive |
| CVE-2025-12531 | IBM InfoSphere Information Server is affected by an XML external entity injection (XXE) vulnerability | IBM | InfoSphere Information Server | High | 7.1 | 2025-11-03 19:47:41 | Deep Dive |
| CVE-2025-36093 | security vulnerabilities are addressed with IBM Business Automation Insights iFixes for October 2025. | IBM | Cloud Pak For Business Automation | Medium | 4.8 | 2025-11-03 15:54:31 | Deep Dive |
| CVE-2025-36092 | IBM Business Automation Insights improper input validation | IBM | Cloud Pak For Business Automation | Medium | 6.5 | 2025-11-03 15:15:44 | Deep Dive |
| CVE-2025-36091 | IBM Business Automation Insights unverified ownership | IBM | Cloud Pak For Business Automation | Medium | 4.3 | 2025-11-03 15:14:03 | Deep Dive |
| CVE-2025-36367 | IBM i is affected by a privilege escalation in IBM i SQL services | IBM | i | High | 8.8 | 2025-11-01 12:01:31 | Deep Dive |
| CVE-2025-36249 | IBM Jazz for Service Management is vulnerable to "filter" cookie not sent over SSL | IBM | Jazz for Service Management | Low | 3.7 | 2025-10-31 13:05:33 | Deep Dive |
| CVE-2025-33003 | IBM InfoSphere Information Server is vulnerable to privilege escalation | IBM | InfoSphere Information Server | High | 7.8 | 2025-10-31 13:04:31 | Deep Dive |
| CVE-2025-4952 | Denial-of-service vulnerability in ESET security products for Windows | ESET | ESET NOD32 Antivirus | 中危 | - | 2025-10-31 12:28:15 | Deep Dive |
| CVE-2025-3356 | IBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operations | IBM | Tivoli Monitoring | High | 8.6 | 2025-10-30 19:22:37 | Deep Dive |
| CVE-2025-3355 | IBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operations | IBM | Tivoli Monitoring | High | 7.5 | 2025-10-30 19:21:42 | Deep Dive |
| CVE-2025-36137 | IBM Sterling Connect:Direct for UNIX command execution | IBM | Sterling Connect:Direct for Unix | High | 7.2 | 2025-10-30 18:53:33 | Deep Dive |
| CVE-2025-36386 | There is a vulnerability in the IBM Maximo Manage application in IBM Maximo Application Suite for Cognos Analytics | IBM | IBM Maximo Application Suite | Critical | 9.8 | 2025-10-28 15:56:59 | Deep Dive |
| CVE-2025-36085 | Multiple Vulnerabilities in IBM Concert Software. | IBM | Concert | Medium | 5.4 | 2025-10-28 14:58:31 | Deep Dive |
| CVE-2025-36083 | Multiple Vulnerabilities in IBM Concert Software. | IBM | Concert Software | Medium | 6.2 | 2025-10-28 14:55:36 | Deep Dive |
| CVE-2025-36081 | Multiple Vulnerabilities in IBM Concert Software. | IBM | Concert Software | Medium | 5.3 | 2025-10-28 14:53:11 | Deep Dive |