Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4629

Browse all 4629 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server Sterling B2B Integrator WebSphere Application Server Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager Rational Collaborative Lifecycle Management Security Key Lifecycle Manager i AIX Spectrum Protect Plus Robotic Process Automation Spectrum Scale UrbanCode Deploy Cognos Controller Aspera Faspex Sterling File Gateway Rational DOORS Next Generation Security Identity Governance and Intelligence Cloud Pak for Security Cloud Pak System Concert Financial Transaction Manager Content Navigator Jazz Reporting Service
CVE IDTitleCVSSSeverityPublished
CVE-2024-39736 IBM Datacap Navigator HTTP HOST header injection — Datacap NavigatorCWE-644 6.5 Medium2024-07-15
CVE-2024-39737 IBM Datacap Navigator information disclosure — Datacap NavigatorCWE-209 5.4 Medium2024-07-15
CVE-2024-39739 IBM Datacap Navigator server-side request forgery — Datacap NavigatorCWE-918 5.4 Medium2024-07-15
CVE-2024-39733 IBM Datacap Navigator information disclosure — Datacap NavigatorCWE-256 5.5 Medium2024-07-14
CVE-2024-39732 IBM Datacap Navigator information disclosure — Datacap NavigatorCWE-316 4.1 Medium2024-07-14
CVE-2024-39734 IBM Datacap Navigator information disclosure — Datacap Navigator 4.3 Medium2024-07-14
CVE-2024-40690 IBM InfoSphere Server cross-site scripting — InfoSphere ServerCWE-79 5.4 Medium2024-07-12
CVE-2023-33860 IBM Security ReaQta information disclosure — Security QRadar EDRCWE-614 5.3 Medium2024-07-10
CVE-2023-33859 IBM Security ReaQta information disclosure — Security QRadar EDRCWE-204 5.3 Medium2024-07-10
CVE-2023-35006 IBM Security ReaQta HTML injection — Security QRadar EDRCWE-80 5.4 Medium2024-07-10
CVE-2024-25023 IBM QRadar Suite Software information disclosure — QRadar Suite SoftwareCWE-312 5.5 Medium2024-07-09
CVE-2024-35154 IBM WebSphere Application Server code execution — WebSphere Application ServerCWE-250 7.2 High2024-07-09
CVE-2024-39742 IBM MQ Container authentication bypass — MQ OperatorCWE-187 8.1 High2024-07-08
CVE-2024-39743 IBM MQ Container denial of service — MQ OperatorCWE-405 5.9 Medium2024-07-08
CVE-2024-37528 IBM Cloud Pak for Business Automation cross-site scripting — Cloud Pak for Business AutomationCWE-79 4.8 Medium2024-07-08
CVE-2024-31897 IBM Cloud Pak for Business Automation server-side request forgery — Cloud Pak for Business AutomationCWE-918 4.3 Medium2024-07-08
CVE-2024-38330 IBM i privilege escalation — iCWE-427 7.0 High2024-07-08
CVE-2024-39723 IBM FlashSystem denial of service — Storage VirtualizeCWE-1299 4.6 Medium2024-07-08
CVE-2023-50964 IBM InfoSphere Information Server cross-site scripting — InfoSphere Information ServerCWE-79 5.4 Medium2024-06-30
CVE-2024-28794 IBM InfoSphere Information Server cross-site scripting — InfoSphere Information ServerCWE-79 5.4 Medium2024-06-30
CVE-2023-50953 IBM InfoSphere Information Server information disclosure — InfoSphere Information ServerCWE-209 5.4 Medium2024-06-30
CVE-2023-50952 IBM InfoSphere Information Server server-side request forgery — InfoSphere Information ServerCWE-918 5.4 Medium2024-06-30
CVE-2024-28797 IBM InfoSphere Information Server cross-site scripting — InfoSphere Information ServerCWE-79 6.4 Medium2024-06-30
CVE-2024-31898 IBM InfoSphere Information Server data modification — InfoSphere Information ServerCWE-639 5.4 Medium2024-06-30
CVE-2023-50954 IBM InfoSphere Information Server information disclosure — InfoSphere Information ServerCWE-598 4.3 Medium2024-06-30
CVE-2024-31902 IBM InfoSphere Information Server cross-site request forgery — InfoSphere Information ServerCWE-352 4.3 Medium2024-06-30
CVE-2024-35119 IBM InfoSphere Information Server information disclosure — InfoSphere Information ServerCWE-209 5.3 Medium2024-06-30
CVE-2024-28798 IBM InfoSphere Information Server cross-site scripting — InfoSphere Information ServerCWE-79 7.2 High2024-06-30
CVE-2023-35022 IBM InfoSphere Information Server improper authentication — InfoSphere Information ServerCWE-285 3.3 Low2024-06-30
CVE-2024-28795 IBM InfoSphere Information Server cross-site scripting — InfoSphere Information ServerCWE-79 5.4 Medium2024-06-30

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.