Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4629

Browse all 4629 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Found 43 results / 4629Clear Filters
Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server Sterling B2B Integrator WebSphere Application Server Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager Rational Collaborative Lifecycle Management Security Key Lifecycle Manager i AIX Spectrum Protect Plus Robotic Process Automation Spectrum Scale UrbanCode Deploy Cognos Controller Aspera Faspex Sterling File Gateway Rational DOORS Next Generation Security Identity Governance and Intelligence Cloud Pak for Security Cloud Pak System Concert Financial Transaction Manager Content Navigator Jazz Reporting Service
CVE IDTitleCVSSSeverityPublished
CVE-2025-36162 IBM DevOps Deploy / IBM UrbanCode Deploy information disclosure — UrbanCode DeployCWE-497 4.3 Medium2025-09-02
CVE-2025-1998 IBM UrbanCode Deploy (UCD) / IBM DevOps Deploy information disclosure — UrbanCode DeployCWE-532 5.5 Medium2025-03-27
CVE-2025-1997 IBM UrbanCode Deploy (UCD) / IBM DevOps Deploy HTML injection — UrbanCode DeployCWE-80 5.4 Medium2025-03-27
CVE-2024-56469 IBM UrbanCode Deploy (UCD) / IBM DevOps Deploy missing authentication — UrbanCode DeployCWE-306 6.3 Medium2025-03-27
CVE-2024-55904 IBM DevOps Deploy / IBM UrbanCode Deploy command injection — UrbanCode DeployCWE-78 7.2 High2025-02-14
CVE-2024-54176 IBM UrbanCode Deploy missing authentication — UrbanCode DeployCWE-306 4.3 Medium2025-02-08
CVE-2024-45091 IBM UrbanCode Deploy information disclosure — UrbanCode DeployCWE-532 6.2 Medium2025-01-21
CVE-2024-28781 IBM UrbanCode Deploy cross-site scripting — UrbanCode DeployCWE-79 5.4 Medium2024-05-10
CVE-2024-22358 IBM UrbanCode Deploy session fixation — UrbanCode DeployCWE-613 6.3 Medium2024-04-12
CVE-2024-22339 IBM UrbanCode Deploy information disclosure — UrbanCode DeployCWE-532 4.3 Medium2024-04-12
CVE-2024-22334 IBM UrbanCode Deploy improper privilege control — UrbanCode DeployCWE-732 4.4 Medium2024-04-12
CVE-2024-22359 IBM UrbanCode Deploy cross-site scripting — UrbanCode DeployCWE-79 6.1 Medium2024-04-12
CVE-2023-47161 IBM UrbanCode Deploy denial of service — UrbanCode DeployCWE-20 5.3 Medium2023-12-19
CVE-2023-42012 IBM UrbanCode Deploy denial of service — UrbanCode DeployCWE-20 6.2 Medium2023-12-19
CVE-2023-42013 IBM UrbanCode Deploy information disclosure — UrbanCode DeployCWE-209 5.3 Medium2023-12-19
CVE-2023-42015 IBM UrbanCode Deploy HTML injection — UrbanCode Deploy 4.3 Medium2023-12-19
CVE-2023-40376 IBM UrbanCode Deploy (UCD) improper authentication controls — UrbanCode DeployCWE-862 5.3 Medium2023-10-04
CVE-2022-43877 IBM UrbanCode Deploy (UCD) information disclosure — UrbanCode Deploy 5.1 Medium2023-05-06
CVE-2022-40751 IBM UrbanCode Deploy information disclosure — UrbanCode DeployCWE-522 4.9 Medium2022-11-17
CVE-2022-35716 IBM UrbanCode Deploy 安全漏洞 — UrbanCode Deploy 6.5 -2022-07-31
CVE-2022-22367 IBM UrbanCode Deploy 安全漏洞 — UrbanCode Deploy 5.5 -2022-07-01
CVE-2022-22366 IBM UrbanCode Deploy 安全漏洞 — UrbanCode Deploy 5.5 -2022-07-01
CVE-2021-39082 IBM UrbanCode Deploy 加密问题漏洞 — UrbanCode Deploy 7.5 -2022-04-29
CVE-2022-22315 IBM UrbanCode Deploy 安全漏洞 — UrbanCode Deploy 8.8 -2022-04-27
CVE-2022-22327 IBM UrbanCode Deploy 加密问题漏洞 — UrbanCode Deploy 7.5 -2022-04-01
CVE-2021-29711 IBM UrbanCode Deploy 安全漏洞 — UrbanCode Deploy 2.7 -2021-07-08
CVE-2020-4944 IBM UrbanCode Deploy 安全漏洞 — UrbanCode Deploy 5.5 -2021-03-30
CVE-2020-4884 IBM UrbanCode Deploy 安全漏洞 — UrbanCode Deploy 5.5 -2021-03-30
CVE-2020-4848 IBM UrbanCode Deploy 安全漏洞 — UrbanCode Deploy 5.4 -2021-03-30
CVE-2020-4484 IBM UrbanCode Deploy 信息泄露漏洞 — UrbanCode Deploy 6.5 -2020-11-06

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.