Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4615

Browse all 4615 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by IBM:DB2 for Linux, UNIX and WindowsInfoSphere Information ServerSterling B2B IntegratorWebSphere Application ServerSecurity GuardiumQRadar SIEMCognos AnalyticsMQMaximo Asset ManagementAPI ConnectRational Quality ManagerRational Collaborative Lifecycle ManagementSecurity Key Lifecycle ManagerAIXiSpectrum Protect PlusSpectrum ScaleRobotic Process AutomationUrbanCode DeployCognos ControllerAspera FaspexSterling File GatewaySecurity Identity Governance and IntelligenceRational DOORS Next GenerationCloud Pak for SecurityConcertCloud Pak SystemFinancial Transaction ManagerContent NavigatorPlanning Analytics Local
CVE IDTitleCVSSSeverityPublished
CVE-2024-49785 IBM watsonx.ai cross-site scripting — watsonx.aiCWE-79 5.4 Medium2025-01-12
CVE-2024-41787 IBM Engineering Requirements Management DOORS Next code execution — Engineering Requirements Management DOORS NextCWE-367 9.8 Critical2025-01-10
CVE-2022-22491 IBM App Connect Enterprise Certified Container denial of service — App Connect Enterprise Certified ContainerCWE-770 5.5 Medium2025-01-09
CVE-2024-43176 IBM OpenPages information disclosure — OpenPagesCWE-282 5.4 Medium2025-01-09
CVE-2024-40679 IBM Db2 information disclosure — Db2CWE-532 5.5 Medium2025-01-08
CVE-2022-22363 IBM Cognos Controller information disclosure — ControllerCWE-209 4.3 Medium2025-01-07
CVE-2021-20455 IBM Cognos Controller information disclosure — ControllerCWE-209 3.7 Low2025-01-07
CVE-2024-40702 IBM Cognos Controller improper certificate validation — ControllerCWE-295 8.2 High2025-01-07
CVE-2024-28778 IBM Cognos Controller information disclosure — ControllerCWE-798 6.5 Medium2025-01-07
CVE-2024-25037 IBM Cognos Controller information disclosure — ControllerCWE-209 4.3 Medium2025-01-07
CVE-2024-45100 IBM Security QRadar EDR denial of service — Security QRadar EDRCWE-770 4.9 Medium2025-01-07
CVE-2024-45640 IBM Security QRadar EDR information disclosure — Security QRadar EDRCWE-497 5.3 Medium2025-01-07
CVE-2024-52893 IBM Concert Software information disclosure — Concert SoftwareCWE-209 5.3 Medium2025-01-07
CVE-2024-52366 IBM Concert Software information disclosure — Concert SoftwareCWE-327 5.9 Medium2025-01-07
CVE-2024-52891 IBM Concert Software log manipulation — Concert SoftwareCWE-117 5.4 Medium2025-01-07
CVE-2024-52367 IBM Concert Software information disclosure — Concert SoftwareCWE-497 5.3 Medium2025-01-07
CVE-2024-51472 IBM DevOps Deploy / IBM UrbanCode Deploy HTML injection — DevOps DeployCWE-80 3.1 Low2025-01-06
CVE-2024-31914 IBM Sterling B2B Integrator cross-site scripting — Sterling B2B Integrator Standard EditionCWE-79 6.4 Medium2025-01-06
CVE-2024-31913 IBM Sterling B2B Integrator cross-site scripting — Sterling B2B Integrator Standard EditionCWE-79 5.5 Medium2025-01-06
CVE-2024-41763 IBM Engineering Lifecycle Optimization - Publishing information disclosure — Engineering Lifecycle Optimization PublishingCWE-327 5.9 Medium2025-01-04
CVE-2024-41766 IBM Engineering Lifecycle Optimization - Publishing denial of service — Engineering Lifecycle Optimization PublishingCWE-1333 7.5 High2025-01-04
CVE-2024-41765 IBM Engineering Lifecycle Optimization - Publishing directory traversal — Engineering Lifecycle Optimization PublishingCWE-22 6.5 Medium2025-01-04
CVE-2024-41767 IBM Engineering Lifecycle Optimization - Publishing SQL injection — Engineering Lifecycle Optimization PublishingCWE-89 7.3 High2025-01-04
CVE-2024-41768 IBM Engineering Lifecycle Optimization - Publishing unhandled SLL exception — Engineering Lifecycle Optimization PublishingCWE-544 6.5 Medium2025-01-04
CVE-2024-55897 IBM PowerHA SystemMirror for i information disclosure — i 4.3 Medium2025-01-03
CVE-2024-55896 IBM PowerHA SystemMirror for i clickjacking — iCWE-451 5.4 Medium2025-01-03
CVE-2024-41780 IBM Jazz Foundation information disclosure — Jazz FoundationCWE-359 4.2 Medium2025-01-03
CVE-2024-5591 IBM Jazz Foundation information disclosure — Jazz FoundationCWE-209 4.3 Medium2025-01-03
CVE-2024-54181 IBM WebSphere Automation command injection — WebSphere AutomationCWE-78 7.2 High2024-12-30
CVE-2024-52906 IBM AIX denial of service — AIXCWE-362 5.5 Medium2024-12-25

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.