Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4615

Browse all 4615 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by IBM:DB2 for Linux, UNIX and WindowsInfoSphere Information ServerSterling B2B IntegratorWebSphere Application ServerSecurity GuardiumQRadar SIEMCognos AnalyticsMQMaximo Asset ManagementAPI ConnectRational Quality ManagerRational Collaborative Lifecycle ManagementSecurity Key Lifecycle ManagerAIXiSpectrum Protect PlusSpectrum ScaleRobotic Process AutomationUrbanCode DeployCognos ControllerAspera FaspexSterling File GatewaySecurity Identity Governance and IntelligenceRational DOORS Next GenerationCloud Pak for SecurityConcertCloud Pak SystemFinancial Transaction ManagerContent NavigatorPlanning Analytics Local
CVE IDTitleCVSSSeverityPublished
CVE-2022-36775 IBM Security Verify Access HOST header injection — Security Verify Access 6.5 Medium2023-02-17
CVE-2023-22868 IBM Aspera Faspex cross-site scripting — Aspera FaspexCWE-79 5.4 Medium2023-02-17
CVE-2022-47986 IBM Aspera Faspex code execution — Aspera FaspexCWE-502 9.8 Critical2023-02-17
CVE-2022-42436 IBM MQ information disclosure — MQ 4.0 Medium2023-02-08
CVE-2022-34350 IBM API Connect security bypass — API Connect 5.3 Medium2023-02-08
CVE-2022-42438 IBM Cloud Pak for Multicloud Management Monitoring privilege escalation — Cloud Pak for Multicloud Management Monitoring 7.5 High2023-02-08
CVE-2022-43869 IBM Spectrum Scale denial of service — Elastic Storage SystemCWE-134 6.5 Medium2023-02-08
CVE-2022-34362 IBM Sterling Secure Proxy HOST header injection — Sterling Secure Proxy 4.6 Medium2023-02-08
CVE-2022-35720 IBM Sterling External Authentication Server information disclosure — Sterling External Authentication ServerCWE-327 2.3 Low2023-02-08
CVE-2023-23475 IBM Infosphere Information Server cross-site scripting — Infosphere Information ServerCWE-79 4.6 Medium2023-02-08
CVE-2022-42444 IBM App Connect Enterprise denial of service — App Connect Enterprise 4.9 Medium2023-02-06
CVE-2022-42439 IBM App Connect Enterprise information disclosure — App Connect EnterpriseCWE-200 6.8 Medium2023-02-06
CVE-2022-41731 IBM Watson Knowledge Catalog on Cloud Pak SQL injection — Watson Knowledge Catalog on-premCWE-89 8.6 High2023-02-06
CVE-2023-23477 IBM WebSphere Application Server code execution — WebSphere Application ServerCWE-94 8.1 High2023-02-03
CVE-2022-38389 IBM Tivoli Workload Scheduler XML external entity injection — Tivoli Workload SchedulerCWE-611 7.1 High2023-02-02
CVE-2022-22486 IBM Tivoli Workload Scheduler XML external entity injection — Tivoli Workload SchedulerCWE-611 10.0 Critical2023-02-02
CVE-2023-23469 IBM Cloud Pak for Business Automation information disclosure — Cloud Pak for Business Automation 4.0 Medium2023-02-01
CVE-2022-47983 IBM InfoSphere Information Server cross-site scripting — InfoSphere Information ServerCWE-79 5.4 Medium2023-02-01
CVE-2022-43922 IBM App Connect Enterprise Certified Container information disclosure — App Connect Enterprise Certified Container 5.3 Medium2023-02-01
CVE-2022-22462 IBM Security Verify Governance, Identity Manager virtual appliance component information disclosure — Security Verify GovernanceCWE-327 3.7 Low2023-01-25
CVE-2022-43864 IBM Business Automation Workflow information disclosure — Business MonitorCWE-22 7.5 High2023-01-25
CVE-2022-43917 IBM WebSphere Application Server information disclosure — WebSphere Application ServerCWE-327 5.9 Medium2023-01-25
CVE-2022-41733 IBM InfoSphere Information Server denial of service — InfoSphere Information ServerCWE-20 5.3 Medium2023-01-20
CVE-2021-39089 IBM Cloud Pak for Security information disclosure — Cloud Pak for SecurityCWE-200 4.3 Medium2023-01-20
CVE-2021-39011 IBM Cloud Pak for Security information disclosure — Cloud Pak for SecurityCWE-532 4.2 Medium2023-01-20
CVE-2022-39167 IBM Spectrum Virtualize information disclosure — Spectrum VirtualizeCWE-200 5.9 Medium2023-01-19
CVE-2023-22863 IBM Robotic Process Automation information disclosure — Robotic Process AutomationCWE-319 5.9 Medium2023-01-18
CVE-2023-22594 IBM Robotic Process Automation for Cloud Pak cross-site scripting — Robotic Process Automation for Cloud PakCWE-79 4.6 Medium2023-01-18
CVE-2023-22592 IBM Robotic Process Automation for Cloud Pak insufficient permission settings — Robotic Process Automation for Cloud Pak 4.0 Medium2023-01-18
CVE-2022-47990 IBM AIX denial of service — AIXCWE-120 6.2 Medium2023-01-18

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.