Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4615

Browse all 4615 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by IBM:DB2 for Linux, UNIX and WindowsInfoSphere Information ServerSterling B2B IntegratorWebSphere Application ServerSecurity GuardiumQRadar SIEMCognos AnalyticsMQMaximo Asset ManagementAPI ConnectRational Quality ManagerRational Collaborative Lifecycle ManagementSecurity Key Lifecycle ManagerAIXiSpectrum Protect PlusSpectrum ScaleRobotic Process AutomationUrbanCode DeployCognos ControllerAspera FaspexSterling File GatewaySecurity Identity Governance and IntelligenceRational DOORS Next GenerationCloud Pak for SecurityConcertCloud Pak SystemFinancial Transaction ManagerContent NavigatorPlanning Analytics Local
CVE IDTitleCVSSSeverityPublished
CVE-2024-22351 IBM InfoSphere Information Server session fixation — InfoSphere Information ServerCWE-613 6.3 Medium2025-04-23
CVE-2025-27907 IBM WebSphere Application Server server-side request forgery — WebSphere Application ServerCWE-918 4.1 Medium2025-04-22
CVE-2025-1951 IBM Hardware Management Console - Power Systems command execution — Hardware Management Console - Power SystemsCWE-250 8.4 High2025-04-22
CVE-2025-1950 IBM Hardware Management Console - Power Systems command execution — Hardware Management Console - Power SystemsCWE-114 9.3 Critical2025-04-22
CVE-2025-2987 IBM Maximo Asset Management server-side request forgery — Maximo Asset ManagementCWE-918 3.8 Low2025-04-21
CVE-2025-2950 IBM i improper HTTP header neutralization — iCWE-644 5.4 Medium2025-04-18
CVE-2024-45651 IBM Sterling Connect:Direct Web Services session fixation — Sterling Connect:Direct Web ServicesCWE-613 6.3 Medium2025-04-18
CVE-2024-49808 IBM Sterling Connect:Direct Web Services improper authorization — Sterling Connect:Direct Web ServicesCWE-863 6.3 Medium2025-04-18
CVE-2025-2947 IBM i privilege escalation — iCWE-278 7.2 High2025-04-17
CVE-2024-22314 IBM Storage Defender - Resiliency Service information disclosure — Storage Defender - Resiliency ServiceCWE-327 5.9 Medium2025-04-16
CVE-2022-43850 IBM Aspera Console cross-site scripting — Aspera ConsoleCWE-79 5.4 Medium2025-04-14
CVE-2022-43840 IBM Aspera Console XPath injection — Aspera ConsoleCWE-643 4.3 Medium2025-04-14
CVE-2022-43851 IBM Aspera Console information disclosure — Aspera ConsoleCWE-327 5.9 Medium2025-04-14
CVE-2023-27272 IBM Aspera Console weak password requirements — Aspera ConsoleCWE-521 3.1 Low2025-04-14
CVE-2022-43852 IBM Aspera Console information disclosure — Aspera ConsoleCWE-497 5.3 Medium2025-04-14
CVE-2022-43847 IBM Aspera Console HTTP header injection — Aspera ConsoleCWE-644 5.4 Medium2025-04-14
CVE-2024-49825 IBM Robotic Process Automation session fixation — Robotic Process AutomationCWE-613 6.3 Medium2025-04-14
CVE-2025-3423 IBM Aspera Faspex 5 cross-site scripting — Aspera FaspexCWE-79 5.4 Medium2025-04-13
CVE-2024-51461 IBM QRadar WinCollect Agent denial of service — QRadar WinCollect AgentCWE-770 4.3 Medium2025-04-11
CVE-2023-43035 IBM Sterling Control Center information disclosure — Sterling Control CenterCWE-525 4.0 Medium2025-04-10
CVE-2023-42007 IBM Sterling Control Center cross-site scripting — Sterling Control CenterCWE-79 5.4 Medium2025-04-10
CVE-2023-43037 IBM Maximo Application Suite improper access control — Maximo Application SuiteCWE-20 6.5 Medium2025-04-10
CVE-2025-25023 IBM Security Guardium information disclosure — Security GuardiumCWE-266 4.9 Medium2025-04-09
CVE-2023-33844 IBM Security Verify Governance cross-site scripting — Security Verify GovernanceCWE-79 5.4 Medium2025-04-09
CVE-2025-1095 IBM Personal Communications command execution — Personal CommunicationsCWE-420 8.8 High2025-04-08
CVE-2025-1500 IBM Maximo Application Suite file upload — Maximo Application SuiteCWE-434 5.5 Medium2025-04-05
CVE-2024-56476 IBM TXSeries for Multiplatforms information disclosure — TXSeries for MultiplatformsCWE-204 5.3 Medium2025-04-02
CVE-2024-56475 IBM TXSeries for Multiplatforms cross-site scripting — TXSeries for MultiplatformsCWE-79 5.4 Medium2025-04-02
CVE-2024-56474 IBM TXSeries for Multiplatforms cross-site request forgery — TXSeries for MultiplatformsCWE-352 4.3 Medium2025-04-02
CVE-2025-0154 IBM TXSeries for Multiplatforms information disclosure — TXSeries for MultiplatformsCWE-644 5.3 Medium2025-04-02

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.