Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4615

Browse all 4615 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by IBM:DB2 for Linux, UNIX and WindowsInfoSphere Information ServerSterling B2B IntegratorWebSphere Application ServerSecurity GuardiumQRadar SIEMCognos AnalyticsMQMaximo Asset ManagementAPI ConnectRational Quality ManagerRational Collaborative Lifecycle ManagementSecurity Key Lifecycle ManagerAIXiSpectrum Protect PlusSpectrum ScaleRobotic Process AutomationUrbanCode DeployCognos ControllerAspera FaspexSterling File GatewaySecurity Identity Governance and IntelligenceRational DOORS Next GenerationCloud Pak for SecurityConcertCloud Pak SystemFinancial Transaction ManagerContent NavigatorPlanning Analytics Local
CVE IDTitleCVSSSeverityPublished
CVE-2024-43177 IBM Concert improper certificate validation — ConcertCWE-295 5.9 Medium2024-10-22
CVE-2024-43173 IBM Concert information disclosure — ConcertCWE-1275 3.7 Low2024-10-22
CVE-2024-45071 IBM WebSphere Application Server cross-site scripting — WebSphere Application ServerCWE-79 5.5 Medium2024-10-16
CVE-2024-45072 IBM WebSphere Application Server XML external entity injection — WebSphere Application ServerCWE-611 5.5 Medium2024-10-16
CVE-2024-49340 IBM Watson Studio Local cross-site request forgery — Watson Studio LocalCWE-352 4.3 Medium2024-10-15
CVE-2024-45085 IBM WebSphere Application Server denial of service — WebSphere Application ServerCWE-754 5.9 Medium2024-10-15
CVE-2024-45073 IBM WebSphere Application Server cross-site scripting — WebSphere Application ServerCWE-79 4.8 Medium2024-09-30
CVE-2024-43191 IBM ManageIQ command execution — Cloud Pak for Multicloud ManagementCWE-502 7.2 High2024-09-26
CVE-2024-31899 IBM Cognos Command Center information disclosure — Cognos Command CenterCWE-256 4.3 Medium2024-09-26
CVE-2023-46175 IBM Cloud Pak for Multicloud Management information disclosure — Cloud Pak for Multicloud ManagementCWE-532 4.4 Medium2024-09-26
CVE-2024-38324 IBM Storage Defender improper certificate validation — Storage Defender - Resiliency ServiceCWE-297 5.9 Medium2024-09-24
CVE-2021-38963 IBM Aspera Console CSV injection — Aspera ConsoleCWE-1236 8.0 High2024-09-24
CVE-2022-43845 IBM Aspera Console information disclosure — Aspera ConsoleCWE-1004 3.7 Low2024-09-24
CVE-2024-40703 IBM Cognos Analytics information disclosure — Cognos AnalyticsCWE-522 5.5 Medium2024-09-22
CVE-2024-43188 IBM Business Automation Workflow improper input validation — Business Automation WorkflowCWE-602 4.9 Medium2024-09-18
CVE-2024-38315 IBM Aspera Shares session fixation — Aspera SharesCWE-613 6.3 Medium2024-09-16
CVE-2024-43180 IBM Concert information disclosure — ConcertCWE-614 4.3 Medium2024-09-13
CVE-2024-27257 IBM OpenPages information disclosure — OpenPagesCWE-540 4.3 Medium2024-09-10
CVE-2024-40681 IBM MQ security bypass — MQCWE-266 7.5 High2024-09-07
CVE-2024-40680 IBM MQ denial of service — MQCWE-789 5.5 Medium2024-09-07
CVE-2024-37068 IBM Maximo Application Suite information disclosure — Maximo Application SuiteCWE-327 5.9 Medium2024-09-07
CVE-2024-45097 IBM Aspera Faspex bypass security — Aspera FaspexCWE-650 5.9 Medium2024-09-05
CVE-2024-45096 IBM Aspera Faspex information disclosure — Aspera FaspexCWE-548 6.5 Medium2024-09-05
CVE-2024-45098 IBM Aspera Faspex bypass security — Aspera FaspexCWE-650 6.8 Medium2024-09-05
CVE-2024-45074 IBM webMethods Integration directory traversal — webMethods IntegrationCWE-22 6.5 Medium2024-09-04
CVE-2024-45075 IBM webMethods Integration privilege escalation — webMethods IntegrationCWE-306 8.8 High2024-09-04
CVE-2024-45076 IBM webMethods Integration code execution — webMethods IntegrationCWE-434 9.9 Critical2024-09-04
CVE-2024-39747 IBM Sterling Connect:Direct Web Services information disclosure — Sterling Connect:Direct Web ServicesCWE-1392 8.1 High2024-08-31
CVE-2024-35133 IBM Security Verify Access HTTP open redirect — Security Verify AccessCWE-601 6.8 Medium2024-08-29
CVE-2024-35118 IBM MaaS360 information disclosure — MaaS360CWE-798 4.6 Medium2024-08-29

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.