Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4615

Browse all 4615 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by IBM:DB2 for Linux, UNIX and WindowsInfoSphere Information ServerSterling B2B IntegratorWebSphere Application ServerSecurity GuardiumQRadar SIEMCognos AnalyticsMQMaximo Asset ManagementAPI ConnectRational Quality ManagerRational Collaborative Lifecycle ManagementSecurity Key Lifecycle ManagerAIXiSpectrum Protect PlusSpectrum ScaleRobotic Process AutomationUrbanCode DeployCognos ControllerAspera FaspexSterling File GatewaySecurity Identity Governance and IntelligenceRational DOORS Next GenerationCloud Pak for SecurityConcertCloud Pak SystemFinancial Transaction ManagerContent NavigatorPlanning Analytics Local
CVE IDTitleCVSSSeverityPublished
CVE-2025-36249 IBM Jazz for Service Management is vulnerable to "filter" cookie not sent over SSL — Jazz for Service ManagementCWE-614 3.7 Low2025-10-31
CVE-2025-33003 IBM InfoSphere Information Server is vulnerable to privilege escalation — InfoSphere Information ServerCWE-250 7.8 High2025-10-31
CVE-2025-3356 IBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operations — Tivoli MonitoringCWE-22 8.6 High2025-10-30
CVE-2025-3355 IBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operations — Tivoli MonitoringCWE-22 7.5 High2025-10-30
CVE-2025-36137 IBM Sterling Connect:Direct for UNIX command execution — Sterling Connect:Direct for UnixCWE-250 7.2 High2025-10-30
CVE-2025-36386 There is a vulnerability in the IBM Maximo Manage application in IBM Maximo Application Suite for Cognos Analytics — IBM Maximo Application SuiteCWE-305 9.8 Critical2025-10-28
CVE-2025-36085 Multiple Vulnerabilities in IBM Concert Software. — ConcertCWE-918 5.4 Medium2025-10-28
CVE-2025-36083 Multiple Vulnerabilities in IBM Concert Software. — Concert SoftwareCWE-244 6.2 Medium2025-10-28
CVE-2025-36081 Multiple Vulnerabilities in IBM Concert Software. — Concert SoftwareCWE-117 5.3 Medium2025-10-28
CVE-2025-33133 Fixes to common vulnerabilities found in IBM Db2 High Performance Unload — DB2 High Performance UnloadCWE-787 6.5 Medium2025-10-27
CVE-2025-33132 Fixes to common vulnerabilities found in IBM Db2 High Performance Unload — DB2 High Performance UnloadCWE-467 6.5 Medium2025-10-27
CVE-2025-33131 Fixes to common vulnerabilities found in IBM Db2 High Performance Unload — DB2 High Performance UnloadCWE-120 6.5 Medium2025-10-27
CVE-2025-33126 Fixes to common vulnerabilities found in IBM Db2 High Performance Unload — DB2 High Performance UnloadCWE-131 6.5 Medium2025-10-27
CVE-2025-36138 IBM QRadar SIEM cross-site scripting — QRadar SIEMCWE-79 6.4 Medium2025-10-27
CVE-2025-36170 IBM QRadar SIEM cross-site scripting — QRadar SIEMCWE-79 6.4 Medium2025-10-27
CVE-2025-36007 IBM QRadar SIEM incorrect privilege assignment — QRadar SIEMCWE-266 7.8 High2025-10-27
CVE-2025-36121 HTML Injection Vulnerability in a Specific URL Endpoint of the IBM OpenPages Application — OpenPagesCWE-80 5.4 Medium2025-10-27
CVE-2025-36361 IBM App Connect Enterprise runtime is vulnerable to a lack of authorization on windows environments using IWA — App Connect EnterpriseCWE-862 6.3 Medium2025-10-24
CVE-2025-36128 IBM MQ denial of service — MQCWE-772 7.5 High2025-10-16
CVE-2025-36002 IBM Sterling B2B Integrator information disclosure — Sterling B2B IntegratorCWE-260 5.5 Medium2025-10-16
CVE-2025-2529 IBM Terracotta denial of service — TerracottaCWE-228 2.9 Low2025-10-15
CVE-2025-27906 IBM Content Navigator information disclosure — Content NavigatorCWE-548 5.3 Medium2025-10-14
CVE-2025-36087 IBM Security Verify Access hard coded credentials — Security Verify AccessCWE-798 8.1 High2025-10-13
CVE-2025-2138 IBM Engineering Requirements Management Doors Next data modification — Engineering Requirements Management Doors NextCWE-602 3.5 Low2025-10-12
CVE-2025-2139 IBM Engineering Requirements Management Doors Next security bypass — Engineering Requirements Management Doors NextCWE-602 3.5 Low2025-10-12
CVE-2025-2140 IBM Engineering Requirements Management Doors Next spoofing — Engineering Requirements Management Doors NextCWE-346 5.7 Medium2025-10-12
CVE-2025-33096 IBM Engineering Requirements Management Doors Next denial of service — Engineering Requirements Management Doors NextCWE-674 6.5 Medium2025-10-12
CVE-2025-36171 IBM Aspera Faspex denial of service — Aspera FaspexCWE-770 4.9 Medium2025-10-09
CVE-2025-36225 IBM Aspera Faspex information disclosure — Aspera FaspexCWE-203 4.3 Medium2025-10-09
CVE-2023-37401 IBM Aspera Faspex cross-origin resource sharing — Aspera FaspexCWE-942 5.3 Medium2025-10-09

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.