Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4615

Browse all 4615 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by IBM:DB2 for Linux, UNIX and WindowsInfoSphere Information ServerSterling B2B IntegratorWebSphere Application ServerSecurity GuardiumQRadar SIEMCognos AnalyticsMQMaximo Asset ManagementAPI ConnectRational Quality ManagerRational Collaborative Lifecycle ManagementSecurity Key Lifecycle ManagerAIXiSpectrum Protect PlusSpectrum ScaleRobotic Process AutomationUrbanCode DeployCognos ControllerAspera FaspexSterling File GatewaySecurity Identity Governance and IntelligenceRational DOORS Next GenerationCloud Pak for SecurityConcertCloud Pak SystemFinancial Transaction ManagerContent NavigatorPlanning Analytics Local
CVE IDTitleCVSSSeverityPublished
CVE-2024-52899 IBM Data Virtualization Manager code execution — Data Virtualization Manager for z/OSCWE-94 8.5 High2024-11-26
CVE-2023-26280 IBM Jazz Foundation improper access control — Jazz FoundationCWE-266 5.3 Medium2024-11-25
CVE-2023-45181 IBM Jazz Foundation cross-site scripting — Jazz FoundationCWE-79 6.1 Medium2024-11-25
CVE-2024-35160 IBM Watson Query on Cloud Pak for Data and IBM Db2 Big SQL on Cloud Pak for Data information disclosure — Watson Query for Cloud Pak for DataCWE-613 4.3 Medium2024-11-23
CVE-2024-41761 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-789 5.3 Medium2024-11-23
CVE-2024-41779 IBM Engineering Systems Design Rhapsody - Model Manager — Engineering Systems Design Rhapsody - Model ManagerCWE-367 9.8 Critical2024-11-22
CVE-2024-41781 IBM PowerVM Hypervisor information disclosure — PowerVM HypervisorCWE-497 5.1 Medium2024-11-22
CVE-2024-45663 IBM Db2 denial of service — Db2 for Linux, UNIX and Windows 6.5 Medium2024-11-21
CVE-2024-52359 IBM Concert Software improper access controls — Concert SoftwareCWE-286 4.3 Medium2024-11-19
CVE-2024-52360 IBM Concert Software SQL injection — Concert SoftwareCWE-89 7.6 High2024-11-19
CVE-2024-37070 IBM Concert Software information disclosure — Concert SoftwareCWE-497 4.3 Medium2024-11-19
CVE-2024-39726 IBM Engineering Insights XML external entity injection — Engineering InsightsCWE-611 8.2 High2024-11-15
CVE-2024-41784 IBM Sterling Secure Proxy directory traversal — Sterling Secure ProxyCWE-32 7.5 High2024-11-15
CVE-2024-43189 IBM Concert Software information disclosure — Concert SoftwareCWE-327 5.9 Medium2024-11-15
CVE-2024-41785 IBM Concert cross-site scripting — Concert SoftwareCWE-79 6.1 Medium2024-11-15
CVE-2024-45642 IBM Security ReaQta information disclosure — Security ReaQtaCWE-942 5.3 Medium2024-11-14
CVE-2024-45099 IBM Security ReaQta cross-site scripting — Security ReaQtaCWE-79 3.1 Low2024-11-14
CVE-2024-45670 IBM Security SOAR weak password recovery mechanism — Security SOARCWE-640 5.6 Medium2024-11-14
CVE-2024-45087 IBM WebSphere Application Server cross-site scripting — WebSphere Application ServerCWE-79 4.8 Medium2024-11-11
CVE-2024-45088 IBM Maximo Asset Management cross-site scripting — Maximo Asset ManagementCWE-79 6.4 Medium2024-11-11
CVE-2024-35146 IBM Maximo Application Suite cross-site scripting — Maximo Application SuiteCWE-79 5.4 Medium2024-11-06
CVE-2024-45086 IBM WebSphere Application Server XML external entity injection — WebSphere Application ServerCWE-611 5.5 Medium2024-11-04
CVE-2024-41744 IBM CICS TX Standard cross-site request forgery — CICS TX Standard 6.5 Medium2024-11-01
CVE-2024-41745 IBM CICS TX Standard cross-site scripting — CICS TX StandardCWE-79 6.1 Medium2024-11-01
CVE-2024-41741 IBM TXSeries for Multiplatforms information disclosure — TXSeries for MultiplatformsCWE-208 5.3 Medium2024-11-01
CVE-2024-41738 IBM TXSeries for Multiplatforms information disclosure — TXSeries for MultiplatformsCWE-598 5.9 Medium2024-11-01
CVE-2024-45656 IBM Flexible Service Processor hard coded credentials — Flexible Service ProcessorCWE-798 9.8 Critical2024-10-29
CVE-2024-38314 IBM Maximo Application Suite - Monitor Component information disclosure — Maximo Application Suite - Monitor ComponentCWE-321 5.9 Medium2024-10-24
CVE-2023-50310 IBM CICS Transaction Gateway for Multiplatforms information disclosure — CICS Transaction Gateway for MultiplatformsCWE-522 4.9 Medium2024-10-23
CVE-2024-31880 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-770 5.3 Medium2024-10-23

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.