Browse all 4683 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.
IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2018-1583 | IBM StoredIQ 安全漏洞 — StoredIQ | 5.4 | - | 2018-05-22 |
| CVE-2018-1434 | 多款IBM产品跨站请求伪造漏洞 — FlashSystem V9000 | 8.8 | - | 2018-05-17 |
| CVE-2018-1461 | 多款IBM产品跨站脚本漏洞 — Spectrum Virtualize Software | 5.4 | - | 2018-05-17 |
| CVE-2018-1462 | 多款IBM产品安全漏洞 — Storwize V3700 | 8.8 | - | 2018-05-17 |
| CVE-2018-1463 | 多款IBM产品安全漏洞 — Storwize V5000 | 8.1 | - | 2018-05-17 |
| CVE-2018-1464 | 多款IBM产品安全漏洞 — Storwize V5000 | 6.5 | - | 2018-05-17 |
| CVE-2018-1465 | 多款IBM产品安全漏洞 — Storwize V3500 | 5.3 | - | 2018-05-17 |
| CVE-2018-1466 | 多款IBM产品安全漏洞 — SAN Volume Controller | 6.5 | - | 2018-05-17 |
| CVE-2018-1413 | IBM Cognos Analytics 跨站脚本漏洞 — Cognos Analytics | 5.4 | - | 2018-05-07 |
| CVE-2017-1743 | IBM WebSphere Application Server 安全漏洞 — WebSphere Application Server | 5.3 | - | 2018-05-04 |
| CVE-2017-1255 | IBM Security Guardium 安全漏洞 — Security Guardium | 7.5 | - | 2018-05-02 |
| CVE-2018-1468 | IBM API Connect 安全漏洞 — API Connect | 4.3 | - | 2018-05-02 |
| CVE-2018-1502 | IBM Content Manager Enterprise Edition Resource Manager 跨站脚本漏洞 — Content Manager | 5.4 | - | 2018-05-01 |
| CVE-2018-1389 | IBM API Connect 安全漏洞 — API Connect | 6.5 | - | 2018-04-30 |
| CVE-2018-1430 | IBM API Connect 跨站脚本漏洞 — API Connect | 5.4 | - | 2018-04-30 |
| CVE-2017-1116 | IBM Campaign 安全漏洞 — Campaign | 4.3 | - | 2018-04-27 |
| CVE-2018-1473 | IBM BigFix Platform 跨站脚本漏洞 — BigFix Platform | 5.4 | - | 2018-04-27 |
| CVE-2018-1475 | IBM BigFix Platform 安全漏洞 — BigFix Platform | 9.1 | - | 2018-04-27 |
| CVE-2018-1479 | IBM BigFix Platform 跨站请求伪造漏洞 — BigFix Platform | 8.8 | - | 2018-04-27 |
| CVE-2017-1721 | IBM Security QRadar SIEM 安全漏洞 — Security QRadar SIEM | 7.7 | - | 2018-04-26 |
| CVE-2017-1722 | IBM Security QRadar SIEM SQL注入漏洞 — Security QRadar SIEM | 9.8 | - | 2018-04-26 |
| CVE-2017-1723 | IBM QRadar SIEM 路径遍历漏洞 — Security QRadar SIEM | 6.5 | - | 2018-04-26 |
| CVE-2017-1724 | IBM Security QRadar SIEM 跨站脚本漏洞 — Security QRadar SIEM | 4.8 | - | 2018-04-26 |
| CVE-2018-1418 | IBM Security QRadar SIEM 安全漏洞 — Security QRadar SIEM | 9.8 | - | 2018-04-26 |
| CVE-2017-1750 | IBM Jazz Reporting Service 跨站脚本漏洞 — Jazz Reporting Service | 5.4 | - | 2018-04-25 |
| CVE-2018-1363 | IBM Jazz Reporting Service 跨站脚本漏洞 — Jazz Reporting Service | 5.4 | - | 2018-04-25 |
| CVE-2017-1700 | 多款IBM产品Jazz Team Server 安全漏洞 — Rational Team Concert | 6.5 | - | 2018-04-24 |
| CVE-2017-1725 | 多款IBM产品Jazz Team Server 安全漏洞 — Rational Quality Manager | 4.3 | - | 2018-04-24 |
| CVE-2017-1734 | 多款IBM产品Jazz Team Server 安全漏洞 — Rational Engineering Lifecycle Manager | 4.3 | - | 2018-04-24 |
| CVE-2017-1473 | IBM Security Access Manager Appliance 安全漏洞 — Security Access Manager | 7.5 | - | 2018-04-23 |
This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.