Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4629

Browse all 4629 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server Sterling B2B Integrator WebSphere Application Server Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager Rational Collaborative Lifecycle Management Security Key Lifecycle Manager i AIX Spectrum Protect Plus Robotic Process Automation Spectrum Scale UrbanCode Deploy Cognos Controller Aspera Faspex Sterling File Gateway Rational DOORS Next Generation Security Identity Governance and Intelligence Cloud Pak for Security Cloud Pak System Concert Financial Transaction Manager Content Navigator Jazz Reporting Service
CVE IDTitleCVSSSeverityPublished
CVE-2024-45644 IBM Security ReaQta file upload — Security ReaQtaCWE-434 4.7 Medium2025-03-19
CVE-2024-56347 IBM AIX command execution — AIXCWE-114 9.6 Critical2025-03-18
CVE-2024-56346 IBM AIX command execution — AIXCWE-114 10.0 Critical2025-03-18
CVE-2024-49822 IBM QRadar Advisor server-side request forgery — QRadar Advisor with WatsonCWE-918 4.1 Medium2025-03-18
CVE-2024-45638 IBM QRadar EDR information disclosure — QRadar EDRCWE-256 4.1 Medium2025-03-14
CVE-2024-45643 IBM QRadar EDR information disclosure — QRadar EDRCWE-327 5.9 Medium2025-03-14
CVE-2025-2000 Qiskit SDK code execution — Qiskit SDKCWE-502 9.8 Critical2025-03-14
CVE-2024-52362 IBM App Connect Enterprise Certified Container denial of service — App Connect Enterprise Certified ContainerCWE-1286 4.3 Medium2025-03-12
CVE-2024-56338 IBM Sterling B2B Integrator cross-site scripting — Sterling B2B Integrator Standard EditionCWE-79 4.8 Medium2025-03-11
CVE-2024-22340 IBM Common Cryptographic Architecture information disclosure — Common Cryptographic ArchitectureCWE-208 6.5 Medium2025-03-11
CVE-2024-41760 IBM Common Cryptographic Architecture information disclosure — Common Cryptographic ArchitectureCWE-203 3.7 Low2025-03-11
CVE-2024-49823 IBM Common Cryptographic Architecture denial of service — Common Cryptographic ArchitectureCWE-787 6.5 Medium2025-03-11
CVE-2024-52905 IBM Sterling B2B Integrator information disclosure — Sterling B2B Integrator Standard EditionCWE-497 2.7 Low2025-03-10
CVE-2024-47109 IBM Sterling File Gateway information disclosure — Sterling File GatewayCWE-522 5.3 Medium2025-03-10
CVE-2023-43052 IBM Control Center external service interaction — Control CenterCWE-435 5.3 Medium2025-03-07
CVE-2023-35894 IBM Control Center HOST header injection — Control CenterCWE-644 5.4 Medium2025-03-07
CVE-2025-0162 IBM Aspera Shares XML external entity injection — Aspera SharesCWE-611 7.1 High2025-03-07
CVE-2024-51476 IBM Concert Software information disclosure — Concert SoftwareCWE-307 7.5 High2025-03-06
CVE-2024-41771 IBM Engineering Requirements Management DOORS Next information disclosure — Engineering Requirements Management DOORS NextCWE-522 7.5 High2025-03-03
CVE-2024-41770 IBM Engineering Requirements Management DOORS Next information disclosure — Engineering Requirements Management DOORS NextCWE-522 7.5 High2025-03-03
CVE-2024-43169 IBM Engineering Requirements Management DOORS Next file download — Engineering Requirements Management DOORS NextCWE-494 8.8 High2025-03-03
CVE-2024-54179 IBM Business Automation Workflow cross-site scripting — Business Automation WorkflowCWE-79 5.4 Medium2025-03-03
CVE-2024-55907 IBM Cognos Mobile information disclosure — Cognos Analytics MobileCWE-540 2.0 Low2025-03-02
CVE-2025-0895 IBM Cognos Mobile information disclosure — Cognos Analytics MobileCWE-215 2.4 Low2025-03-02
CVE-2024-41778 IBM Controller information disclosure — ControllerCWE-521 5.3 Medium2025-03-01
CVE-2025-0160 IBM FlashSystem code execution — Storage VirtualizeCWE-114 8.1 High2025-02-28
CVE-2025-0159 IBM FlashSystem authentication bypass — Storage VirtualizeCWE-288 9.1 Critical2025-02-28
CVE-2025-0985 IBM MQ information disclosure — MQCWE-526 5.5 Medium2025-02-28
CVE-2024-54175 IBM MQ denial of service — MQCWE-754 5.5 Medium2025-02-28
CVE-2024-56340 IBM Cognos Analytics path traversal — Cognos AnalyticsCWE-23 6.5 Medium2025-02-28

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.