Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4629

Browse all 4629 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Found 145 results / 4629Clear Filters
Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server Sterling B2B Integrator WebSphere Application Server Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager Rational Collaborative Lifecycle Management Security Key Lifecycle Manager i AIX Spectrum Protect Plus Robotic Process Automation Spectrum Scale UrbanCode Deploy Cognos Controller Aspera Faspex Sterling File Gateway Rational DOORS Next Generation Security Identity Governance and Intelligence Cloud Pak for Security Cloud Pak System Concert Financial Transaction Manager Content Navigator Jazz Reporting Service
CVE IDTitleCVSSSeverityPublished
CVE-2023-33843 IBM InfoSphere Information Server cross-site scripting — InfoSphere Information ServerCWE-79 5.4 Medium2024-02-21
CVE-2023-46174 IBM InfoSphere Information Server cross-site scripting — InfoSphere Information ServerCWE-79 5.4 Medium2023-12-01
CVE-2023-42019 IBM InfoSphere Information Server information disclosure — InfoSphere Information ServerCWE-311 5.9 Medium2023-12-01
CVE-2023-40699 IBM InfoSphere Information Server denial of service — InfoSphere Information ServerCWE-20 7.5 High2023-12-01
CVE-2023-42022 IBM InfoSphere Information Server cross-site scripting — InfoSphere Information ServerCWE-79 5.4 Medium2023-12-01
CVE-2023-43021 IBM InfoSphere Information Server information disclosure — InfoSphere Information ServerCWE-209 5.3 Medium2023-12-01
CVE-2023-42009 IBM InfoSphere Information Server cross-site scripting — InfoSphere Information ServerCWE-79 5.4 Medium2023-12-01
CVE-2023-43015 IBM InfoSphere Information Server cross-site scripting — InfoSphere Information ServerCWE-79 5.4 Medium2023-12-01
CVE-2023-38268 IBM InfoSphere Information Server cross-site request forgery — InfoSphere Information ServerCWE-352 4.3 Medium2023-12-01
CVE-2023-40363 IBM InfoSphere Information Server privilege escalation — InfoSphere Information Server 8.1 High2023-11-18
CVE-2023-24959 IBM InfoSphere Information Server information disclosure — InfoSphere Information ServerCWE-200 5.3 Medium2023-08-28
CVE-2023-23473 IBM InfoSphere Information Server cross-site request forgery — InfoSphere Information ServerCWE-352 5.3 Medium2023-08-28
CVE-2023-22877 IBM InfoSphere Information Server CSV injection — InfoSphere Information ServerCWE-1236 7.0 High2023-08-28
CVE-2023-35898 IBM InfoSphere Information Server information disclosure — InfoSphere Information ServerCWE-200 4.3 Medium2023-07-19
CVE-2023-33857 IBM InfoSphere Information Server information disclosure — InfoSphere Information ServerCWE-200 5.3 Medium2023-07-16
CVE-2023-32336 IBM InfoSphere Information Server code execution — InfoSphere Information ServerCWE-502 8.8 High2023-05-22
CVE-2022-47984 IBM InfoSphere Information Server SQL injection — InfoSphere Information ServerCWE-89 6.3 Medium2023-05-19
CVE-2023-22878 IBM InfoSphere Information Server information disclosure — InfoSphere Information Server 6.2 Medium2023-05-19
CVE-2023-28529 IBM InfoSphere Information Server 11.7 — InfoSphere Information ServerCWE-79 5.5 Medium2023-05-19
CVE-2023-25928 IBM InfoSphere Information Server cross-site scripting — InfoSphere Information ServerCWE-79 4.6 Medium2023-02-21
CVE-2023-24960 IBM InfoSphere Information Server information disclosure — InfoSphere Information ServerCWE-22 7.5 High2023-02-17
CVE-2023-24964 IBM InfoSphere Information Server information disclosure — InfoSphere Information ServerCWE-312 6.2 Medium2023-02-17
CVE-2023-23475 IBM Infosphere Information Server cross-site scripting — Infosphere Information ServerCWE-79 4.6 Medium2023-02-08
CVE-2022-47983 IBM InfoSphere Information Server cross-site scripting — InfoSphere Information ServerCWE-79 5.4 Medium2023-02-01
CVE-2022-41733 IBM InfoSphere Information Server denial of service — InfoSphere Information ServerCWE-20 5.3 Medium2023-01-20
CVE-2022-40753 IBM InfoSphere Information Server cross-site scripting — InfoSphere Information ServerCWE-79 5.4 Medium2022-11-11
CVE-2022-41291 IBM InfoSphere Information Server 代码问题漏洞 — InfoSphere Information Server 8.1 -2022-10-07
CVE-2022-36772 IBM InfoSphere Information Server 安全漏洞 — InfoSphere Information Server 6.5 -2022-10-07
CVE-2022-40748 IBM InfoSphere Information Server 跨站脚本漏洞 — InfoSphere Information Server 5.4 -2022-09-23
CVE-2022-35715 IBM InfoSphere Information Server 安全漏洞 — InfoSphere Information Server 7.5 -2022-08-10

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.