Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4629

Browse all 4629 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server Sterling B2B Integrator WebSphere Application Server Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager Rational Collaborative Lifecycle Management Security Key Lifecycle Manager i AIX Spectrum Protect Plus Robotic Process Automation Spectrum Scale UrbanCode Deploy Cognos Controller Aspera Faspex Sterling File Gateway Rational DOORS Next Generation Security Identity Governance and Intelligence Cloud Pak for Security Cloud Pak System Concert Financial Transaction Manager Content Navigator Jazz Reporting Service
CVE IDTitleCVSSSeverityPublished
CVE-2024-43180 IBM Concert information disclosure — ConcertCWE-614 4.3 Medium2024-09-13
CVE-2024-27257 IBM OpenPages information disclosure — OpenPagesCWE-540 4.3 Medium2024-09-10
CVE-2024-40681 IBM MQ security bypass — MQCWE-266 7.5 High2024-09-07
CVE-2024-40680 IBM MQ denial of service — MQCWE-789 5.5 Medium2024-09-07
CVE-2024-37068 IBM Maximo Application Suite information disclosure — Maximo Application SuiteCWE-327 5.9 Medium2024-09-07
CVE-2024-45097 IBM Aspera Faspex bypass security — Aspera FaspexCWE-650 5.9 Medium2024-09-05
CVE-2024-45096 IBM Aspera Faspex information disclosure — Aspera FaspexCWE-548 6.5 Medium2024-09-05
CVE-2024-45098 IBM Aspera Faspex bypass security — Aspera FaspexCWE-650 6.8 Medium2024-09-05
CVE-2024-45074 IBM webMethods Integration directory traversal — webMethods IntegrationCWE-22 6.5 Medium2024-09-04
CVE-2024-45075 IBM webMethods Integration privilege escalation — webMethods IntegrationCWE-306 8.8 High2024-09-04
CVE-2024-45076 IBM webMethods Integration code execution — webMethods IntegrationCWE-434 9.9 Critical2024-09-04
CVE-2024-39747 IBM Sterling Connect:Direct Web Services information disclosure — Sterling Connect:Direct Web ServicesCWE-1392 8.1 High2024-08-31
CVE-2024-35133 IBM Security Verify Access HTTP open redirect — Security Verify AccessCWE-601 6.8 Medium2024-08-29
CVE-2024-35118 IBM MaaS360 information disclosure — MaaS360CWE-798 4.6 Medium2024-08-29
CVE-2022-43915 IBM App Connect Enterprise Certified Container — App Connect Enterprise Certified ContainerCWE-732 6.8 Medium2024-08-24
CVE-2024-39745 IBM Sterling Connect:Direct Web Services information disclosure — Sterling Connect:Direct Web ServicesCWE-327 5.9 Medium2024-08-22
CVE-2024-39744 IBM Sterling Connect:Direct Web Services cross-site request forgery — Sterling Connect:Direct Web ServicesCWE-352 4.3 Medium2024-08-22
CVE-2024-39746 IBM Sterling Connect:Direct Web Services information disclosure — Sterling Connect:Direct Web ServicesCWE-319 5.9 Medium2024-08-22
CVE-2024-35151 IBM OpenPages information disclosure — OpenPages with WatsonCWE-288 6.5 Medium2024-08-22
CVE-2024-41773 IBM Global Configuration Management incorrect ownership assignment — Global Configuration ManagementCWE-708 6.5 Medium2024-08-20
CVE-2023-47728 IBM QRadar Suite Software information disclosure — QRadar Suite SoftwareCWE-209 6.5 Medium2024-08-16
CVE-2022-33162 IBM Directory Server buffer overflow — Security Directory IntegratorCWE-119 7.3 High2024-08-16
CVE-2024-31905 IBM QRadar Network Packet Capture information disclosure — QRadar Network Packet CaptureCWE-319 5.9 Medium2024-08-15
CVE-2024-40705 IBM InfoSphere Information Server denial of service — InfoSphere Information ServerCWE-405 6.5 Medium2024-08-15
CVE-2024-40704 IBM InfoSphere Information Server information disclosure — InfoSphere Information ServerCWE-522 4.9 Medium2024-08-15
CVE-2024-25024 IBM QRadar Suite Software information disclosure — QRadar Suite Software 5.5 Medium2024-08-15
CVE-2024-31882 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-943 5.3 Medium2024-08-14
CVE-2024-37529 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-789 6.5 Medium2024-08-14
CVE-2024-35152 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-789 6.5 Medium2024-08-14
CVE-2024-35136 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-943 5.3 Medium2024-08-14

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.