Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4710

Browse all 4710 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server WebSphere Application Server Sterling B2B Integrator Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager i Rational Collaborative Lifecycle Management Security Key Lifecycle Manager AIX Spectrum Protect Plus Spectrum Scale Robotic Process Automation Cognos Controller UrbanCode Deploy Aspera Faspex Sterling File Gateway Security Identity Governance and Intelligence Rational DOORS Next Generation Cloud Pak System Concert Cloud Pak for Security Financial Transaction Manager Content Navigator Business Automation Workflow
CVE IDTitleCVSSSeverityPublished
CVE-2018-2000 IBM Business Process Manager和IBM Business Automation Workflow 跨站请求伪造漏洞 — Business Automation Workflow 8.8 -2019-04-08
CVE-2019-4045 IBM Business Process Manager和IBM Business Automation Workflow 输入验证错误漏洞 — Business Automation Workflow 4.3 -2019-04-08
CVE-2019-4051 IBM API Connect 信息泄露漏洞 — API Connect 5.3 -2019-04-08
CVE-2019-4143 IBM Cloud Private 日志信息泄露漏洞 — Cloud Private 5.5 -2019-04-08
CVE-2019-4155 IBM API Connect 权限许可和访问控制问题漏洞 — API Connect 8.8 -2019-04-08
CVE-2019-4210 IBM QRadar SIEM 授权问题漏洞 — QRadar SIEM 9.1 -2019-04-08
CVE-2018-1731 IBM Rational DOORS Next Generation 跨站脚本漏洞 — Rational DOORS Next Generation 5.4 -2019-04-03
CVE-2018-1913 IBM Rational DOORS Next Generation 跨站脚本漏洞 — Rational DOORS Next Generation 5.4 -2019-04-03
CVE-2018-1936 IBM DB2 libdb2e.so.1 缓冲区错误漏洞 — DB2 7.8 -2019-04-03
CVE-2019-4014 IBM DB2 缓冲区错误漏洞 — DB2 7.8 -2019-04-03
CVE-2018-1622 IBM Security Privileged Identity Manager 跨站请求伪造漏洞 — Security Privileged Identity Manager 8.8 -2019-04-02
CVE-2018-1623 IBM Security Privileged Identity Manager 信息泄露漏洞 — Security Privileged Identity Manager 3.3 -2019-04-02
CVE-2018-1625 IBM Security Privileged Identity Manager 信息泄露漏洞 — Security Privileged Identity Manager 4.3 -2019-04-02
CVE-2018-1626 IBM Security Privileged Identity Manager 授权问题漏洞 — Security Privileged Identity Manager 3.3 -2019-04-02
CVE-2018-1640 IBM Security Privileged Identity Manager 输入验证错误漏洞 — Security Privileged Identity Manager 8.8 -2019-04-02
CVE-2018-1680 IBM Security Privileged Identity Manager 安全特征问题漏洞 — Security Privileged Identity Manager 7.5 -2019-04-02
CVE-2018-1874 IBM API Connect 信息泄露漏洞 — API Connect 4.6 -2019-04-02
CVE-2018-1906 IBM InfoSphere Information Server 授权问题漏洞 — InfoSphere Information Server 6.5 -2019-04-02
CVE-2018-1917 IBM InfoSphere Information Server 信息泄露漏洞 — InfoSphere Information Server 6.5 -2019-04-02
CVE-2019-4043 IBM Sterling B2B Integrator 代码问题漏洞 — Sterling B2B Integrator 7.1 -2019-04-02
CVE-2019-4080 IBM WebSphere Application Server 资源管理错误漏洞 — WebSphere Application Server 6.5 -2019-04-02
CVE-2019-4093 IBM Spectrum Protect 访问控制错误漏洞 — Spectrum Protect 4.4 -2019-04-02
CVE-2018-1618 IBM Security Privileged Identity Manager 路径遍历漏洞 — Security Privileged Identity Manager 6.5 -2019-04-02
CVE-2019-4046 IBM WebSphere Application Server 资源管理错误漏洞 — WebSphere Application Server 7.5 -2019-03-25
CVE-2019-4035 IBM Content Navigator 输入验证错误漏洞 — Content Navigator 5.4 -2019-03-22
CVE-2019-4052 IBM API Connect 信息泄露漏洞 — API Connect 5.3 -2019-03-22
CVE-2017-1713 IBM Streams 加密问题漏洞 — Streams 7.5 -2019-03-21
CVE-2018-1992 多款IBM产品缓冲区错误漏洞 — Power 9 Systems 6.7 -2019-03-21
CVE-2018-1836 IBM MQ 跨站脚本漏洞 — MQ 5.4 -2019-03-19
CVE-2019-4094 IBM DB2 代码问题漏洞 — DB2 for Linux, UNIX and Windows 7.8 -2019-03-19

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.