Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4629

Browse all 4629 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server Sterling B2B Integrator WebSphere Application Server Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager Rational Collaborative Lifecycle Management Security Key Lifecycle Manager i AIX Spectrum Protect Plus Robotic Process Automation Spectrum Scale UrbanCode Deploy Cognos Controller Aspera Faspex Sterling File Gateway Rational DOORS Next Generation Security Identity Governance and Intelligence Cloud Pak for Security Cloud Pak System Concert Financial Transaction Manager Content Navigator Jazz Reporting Service
CVE IDTitleCVSSSeverityPublished
CVE-2021-29827 IBM InfoSphere Information Server clickjacking — InfoSphere Information ServerCWE-1021 5.2 Medium2024-12-18
CVE-2021-20553 IBM Sterling B2B Integrator Standard Edition cross-site scripting — Sterling B2B IntegratorCWE-79 5.4 Medium2024-12-18
CVE-2024-51470 IBM MQ denial of service — MQCWE-754 6.5 Medium2024-12-18
CVE-2024-25042 IBM Cognos Analytics cross-site scripting — Cognos AnalyticsCWE-79 5.4 Medium2024-12-18
CVE-2024-45082 IBM Cognos Analytics HTTP open redirection — Cognos AnalyticsCWE-601 6.8 Medium2024-12-18
CVE-2024-41752 IBM Cognos Analytics HTML injection — Cognos AnalyticsCWE-80 5.4 Medium2024-12-18
CVE-2024-52361 IBM Storage Defender - Resiliency Service information disclosure — Storage Defender - Resiliency ServiceCWE-256 5.7 Medium2024-12-18
CVE-2023-50956 IBM Storage Defender - Resiliency Service information disclosure — Storage Defender - Resiliency ServiceCWE-256 4.4 Medium2024-12-18
CVE-2024-47119 IBM Storage Defender - Resiliency Service improper certificate validation — Storage Defender - Resiliency ServiceCWE-295 5.9 Medium2024-12-18
CVE-2024-47104 IBM i incorrect privilege assignment — iCWE-732 6.8 Medium2024-12-18
CVE-2024-49816 IBM Security Guardium Key Lifecycle Manager information disclosure — Security Guardium Key Lifecycle ManagerCWE-532 4.9 Medium2024-12-17
CVE-2024-49820 IBM Security Guardium Key Lifecycle Manager information disclosure — Security Guardium Key Lifecycle ManagerCWE-319 3.7 Low2024-12-17
CVE-2024-49819 IBM Security Guardium Key Lifecycle Manager information disclosure — Security Guardium Key Lifecycle ManagerCWE-319 4.1 Medium2024-12-17
CVE-2024-49818 IBM Security Guardium Key Lifecycle Manager information disclosure — Security Guardium Key Lifecycle ManagerCWE-209 4.3 Medium2024-12-17
CVE-2024-49817 IBM Security Guardium Key Lifecycle Manager information disclosure — Security Guardium Key Lifecycle ManagerCWE-260 4.4 Medium2024-12-17
CVE-2024-31891 IBM Storage Scale privilege escalation — Storage ScaleCWE-250 7.8 High2024-12-14
CVE-2024-31892 IBM Storage Scale SQL injection — Storage ScaleCWE-89 7.5 High2024-12-14
CVE-2024-52901 IBM InfoSphere Information Server denial of service — InfoSphere Information ServerCWE-1284 6.5 Medium2024-12-12
CVE-2024-51460 IBM InfoSphere Information Server information disclosure — InfoSphere Information ServerCWE-209 4.3 Medium2024-12-11
CVE-2023-23472 IBM InfoSphere Information Server information disclosure — InfoSphere Information ServerCWE-497 3.1 Low2024-12-11
CVE-2023-37395 IBM Aspera Faspex information disclosure — Aspera FaspexCWE-327 2.5 Low2024-12-11
CVE-2024-35117 IBM OpenPages with Watson information disclosure — OpenPages with WatsonCWE-312 4.4 Medium2024-12-11
CVE-2024-47117 IBM Carbon Design System cross-site scripting — Carbon ChartsCWE-79 5.4 Medium2024-12-10
CVE-2024-47107 IBM QRadar SIEM cross-site scripting — QRadar SIEMCWE-79 6.4 Medium2024-12-07
CVE-2024-41762 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-789 5.3 Medium2024-12-07
CVE-2024-37071 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-789 5.3 Medium2024-12-07
CVE-2024-47115 IBM AIX command execution — AIXCWE-78 7.8 High2024-12-07
CVE-2024-51465 IBM App Connect Enterprise Certified Container command execution — App Connect Enterprise Certified ContainerCWE-78 8.8 High2024-12-04
CVE-2024-41775 IBM Cognos Controller information disclosure — Cognos ControllerCWE-327 5.9 Medium2024-12-03
CVE-2024-25020 IBM Cognos Controller file upload — Cognos ControllerCWE-434 5.5 Medium2024-12-03

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.