Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

IBM — Vulnerabilities & Security Advisories 4615

Browse all 4615 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products IBM:DB2 for Linux, UNIX and WindowsInfoSphere Information ServerSterling B2B IntegratorWebSphere Application ServerSecurity GuardiumQRadar SIEMCognos AnalyticsMQMaximo Asset ManagementAPI ConnectRational Quality ManagerRational Collaborative Lifecycle ManagementSecurity Key Lifecycle ManagerAIXiSpectrum Protect PlusSpectrum ScaleRobotic Process AutomationUrbanCode DeployCognos ControllerAspera FaspexSterling File GatewaySecurity Identity Governance and IntelligenceRational DOORS Next GenerationCloud Pak for SecurityConcertCloud Pak SystemFinancial Transaction ManagerContent NavigatorPlanning Analytics Local
CVE IDTitleCVSSSeverityPaused
CVE-2025-1721 BM Concert Software Improper Clearing of Heap Memory Before Release. — ConcertCWE-244 5.9 Medium2025-12-26
CVE-2025-36154 IBM Concert Software Cleartext Storage in a File or on Disk. — ConcertCWE-313 6.2 Medium2025-12-24
CVE-2025-13489 IBM DevOps Deploy is susceptible to a Cleartext Transmission of Sensitive Information — UCD - IBM DevOps DeployCWE-319 5.9 Medium2025-12-15
CVE-2025-14148 IBM DevOps Deploy is susceptible to a Insufficiently Protected Credentials vulnerability — UCD - IBM DevOps DeployCWE-522 6.5 Medium2025-12-15
CVE-2025-36360 IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to an Insufficient Session Expiration vulnerability — UCD - IBM UrbanCode DeployCWE-613 5.0 Medium2025-12-15
CVE-2025-13214 IBM Aspera Orchestrator SQL Injection — Aspera OrchestratorCWE-89 7.6 High2025-12-11
CVE-2025-13148 IBM Aspera Orchestrator Unverified Password Change — Aspera OrchestratorCWE-620 8.1 High2025-12-11
CVE-2025-13481 IBM Aspera Orchestrator Command Injection — Aspera OrchestratorCWE-78 8.8 High2025-12-11
CVE-2025-13211 IBM Aspera Orchestrator Denial of Service — Aspera OrchestratorCWE-799 5.3 Medium2025-12-11
CVE-2025-36437 IBM Planning Analytics Local is vulnerable to disclosing sensitive information — IBM Planning Analytics LocalCWE-209 4.3 Medium2025-12-09
CVE-2024-56464 IBM QRadar SIEM is affected by an information disclosure vulnerability — IBM QRadar SIEMCWE-548 2.7 Low2025-12-09
CVE-2025-36140 IBM watsonx.data Denial of Service — watsonx.dataCWE-770 6.5 Medium2025-12-08
CVE-2025-12635 IBM WebSphere Application Server and WebSphere Application Server Liberty Cross-Site Scripting — WebSphere Application ServerCWE-79 5.4 Medium2025-12-08
CVE-2025-64650 IBM Storage Defender - Resiliency Service Information Disclosure — Storage Defender - Resiliency ServiceCWE-532 6.5 Medium2025-12-08
CVE-2025-12832 IBM InfoSphere Information Server Server-Side Request Forgery — InfoSphere Information ServerCWE-918 4.6 Medium2025-12-08
CVE-2025-36017 IBM Controller Information Disclosure — ControllerCWE-526 6.5 Medium2025-12-08
CVE-2025-36102 IBM Controller Validation Bypass — ControllerCWE-602 2.7 Low2025-12-08
CVE-2025-33111 IBM Controller Information Disclosure — ControllerCWE-379 4.3 Medium2025-12-08
CVE-2025-36015 IBM Controller Denial of Service — ControllerCWE-1284 6.5 Medium2025-12-08
CVE-2024-45675 IBM Informix Dynamic Server Authentication Bypass — Informix Dynamic ServerCWE-309 8.4 High2025-12-02
CVE-2025-36134 IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure — Sterling B2B IntegratorCWE-1275 3.7 Low2025-11-25
CVE-2025-36150 IBM Concert Information Disclosure — ConcertCWE-327 5.9 Medium2025-11-24
CVE-2025-36112 IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure — Sterling B2B IntegratorCWE-497 5.3 Medium2025-11-24
CVE-2025-36149 IBM Concert Software clickjacking — IBM Concert SoftwareCWE-1021 6.3 Medium2025-11-21
CVE-2025-36072 IBM webMethods Integration Deserialization — webMethods IntegrationCWE-502 8.8 High2025-11-20
CVE-2025-36153 IBM Concert Cross-Site Scripting — ConcertCWE-79 6.1 Medium2025-11-20
CVE-2025-36158 IBM Concert Information Disclosure — ConcertCWE-674 5.1 Medium2025-11-20
CVE-2025-36159 IBM Concert Improper Log Neutralization — ConcertCWE-117 6.2 Medium2025-11-20
CVE-2025-36160 IBM Concert Information Disclosure — ConcertCWE-497 5.3 Medium2025-11-20
CVE-2025-36161 IBM Concert Software Information Disclosure — ConcertCWE-327 5.9 Medium2025-11-20

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.