Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4615

Browse all 4615 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by IBM:DB2 for Linux, UNIX and WindowsInfoSphere Information ServerSterling B2B IntegratorWebSphere Application ServerSecurity GuardiumQRadar SIEMCognos AnalyticsMQMaximo Asset ManagementAPI ConnectRational Quality ManagerRational Collaborative Lifecycle ManagementSecurity Key Lifecycle ManagerAIXiSpectrum Protect PlusSpectrum ScaleRobotic Process AutomationUrbanCode DeployCognos ControllerAspera FaspexSterling File GatewaySecurity Identity Governance and IntelligenceRational DOORS Next GenerationCloud Pak for SecurityConcertCloud Pak SystemFinancial Transaction ManagerContent NavigatorPlanning Analytics Local
CVE IDTitleCVSSSeverityPublished
CVE-2025-36174 IBM Integrated Analytics System file upload — Integrated Analytics SystemCWE-434 8.0 High2025-08-24
CVE-2025-36157 IBM Engineering Lifecycle Management incorrect authorization — Engineering Lifecycle ManagementCWE-863 9.8 Critical2025-08-24
CVE-2025-36042 IBM QRadar SIEM cross-site scripting — QRadar SIEMCWE-79 5.4 Medium2025-08-22
CVE-2025-33120 IBM QRadar SIEM privilege escalation — QRadar SIEMCWE-250 7.8 High2025-08-22
CVE-2025-1142 IBM Edge Application Manager server-side request forgery — Edge Application ManagerCWE-918 5.4 Medium2025-08-20
CVE-2025-1139 IBM Edge Application Manager incorrect permissions — Edge Application ManagerCWE-732 6.1 Medium2025-08-20
CVE-2025-36114 IBM QRadar SOAR Plugin App path traversal — QRadar SOAR Plugin AppCWE-20 6.5 Medium2025-08-20
CVE-2025-2988 IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure — Sterling B2B IntegratorCWE-497 2.7 Low2025-08-19
CVE-2025-33008 IBM Sterling B2B Integrator and IBM Sterling File Gateway cross-site scripting — Sterling B2B IntegratorCWE-79 5.4 Medium2025-08-19
CVE-2025-33100 IBM Concert Software information disclosure — Concert SoftwareCWE-798 6.2 Medium2025-08-18
CVE-2025-33090 IBM Concert Software denial of service — Concert SoftwareCWE-1333 7.5 High2025-08-18
CVE-2025-27909 IBM Concert Software cross-origin resource sharing — Concert SoftwareCWE-942 5.4 Medium2025-08-18
CVE-2025-1759 IBM Concert Software information disclosure — Concert SoftwareCWE-244 5.9 Medium2025-08-18
CVE-2024-49827 IBM Concert Software information disclosure — Concert SoftwareCWE-213 3.7 Low2025-08-18
CVE-2025-36120 IBM Storage Virtualize privilege escalation — Storage VirtualizeCWE-863 8.8 High2025-08-18
CVE-2025-36088 IBM TS4500 cross-site scripting — Storage TS4500 LibraryCWE-79 5.4 Medium2025-08-15
CVE-2025-33142 IBM WebSphere Application Server information disclosure — WebSphere Application ServerCWE-295 5.3 Medium2025-08-14
CVE-2025-36047 IBM WebSphere Application Server Liberty denial of service — WebSphere Application Server LibertyCWE-770 5.3 Medium2025-08-14
CVE-2025-36000 IBM WebSphere Application Server Liberty cross-site scripting — WebSphere Application Server LibertyCWE-79 4.4 Medium2025-08-12
CVE-2025-36124 IBM WebSphere Application Server Liberty bypass security — WebSphere Application Server LibertyCWE-268 5.9 Medium2025-08-12
CVE-2025-36023 IBM Cloud Pak for Business Automation security bypass — Cloud Pak for Business AutomationCWE-639 6.5 Medium2025-08-08
CVE-2025-36119 IBM i authentication bypass — iCWE-290 7.1 High2025-08-08
CVE-2024-56339 IBM WebSphere Application Server information disclosure — WebSphere Application ServerCWE-650 3.7 Low2025-08-07
CVE-2025-36020 IBM Guardium Data Protection information disclosure — Guardium Data ProtectionCWE-319 5.9 Medium2025-08-06
CVE-2025-3354 IBM Tivoli Monitoring code execution — Tivoli MonitoringCWE-122 8.1 High2025-08-06
CVE-2025-3320 IBM Tivoli Monitoring code execution — Tivoli MonitoringCWE-122 8.1 High2025-08-06
CVE-2024-52890 IBM Engineering Lifecycle Optimization - Publishing cross-site scripting — IBM Engineering Lifecycle Optimization - PublishingCWE-84 6.1 Medium2025-08-05
CVE-2025-2824 IBM Operational Decision Manager HTTP open redirect — Operational Decision ManagerCWE-601 7.4 High2025-08-01
CVE-2025-33118 IBM QRadar SIEM cross-site scripting — QRadar SIEMCWE-79 6.4 Medium2025-08-01
CVE-2025-36040 IBM Aspera Faspex session fixation — Aspera FaspexCWE-613 6.5 Medium2025-07-30

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.