Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4629

Browse all 4629 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server Sterling B2B Integrator WebSphere Application Server Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager Rational Collaborative Lifecycle Management Security Key Lifecycle Manager i AIX Spectrum Protect Plus Robotic Process Automation Spectrum Scale UrbanCode Deploy Cognos Controller Aspera Faspex Sterling File Gateway Rational DOORS Next Generation Security Identity Governance and Intelligence Cloud Pak for Security Cloud Pak System Concert Financial Transaction Manager Content Navigator Jazz Reporting Service
CVE IDTitleCVSSSeverityPublished
CVE-2024-22333 IBM Maximo Application Suite information disclosure — Maximo Application SuiteCWE-525 3.3 Low2024-06-13
CVE-2024-25052 IBM Jazz Reporting Service information disclosure — Jazz Reporting ServiceCWE-256 4.4 Medium2024-06-13
CVE-2023-29267 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-399 5.3 Medium2024-06-12
CVE-2024-31881 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-770 6.5 Medium2024-06-12
CVE-2024-28762 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-770 5.3 Medium2024-06-12
CVE-2023-45188 IBM Engineering Lifecycle Optimization Publishing file upload — Engineering Lifecycle Optimization PublishingCWE-434 6.5 Medium2024-06-09
CVE-2024-31878 IBM i information disclosure — iCWE-203 5.3 Medium2024-06-07
CVE-2023-45192 IBM Engineering Requirements Management DOORS Next XML external entity injection — Engineering Requirements Management DOORS NextCWE-611 8.2 High2024-06-06
CVE-2024-22326 IBM System Storage improper authentication — System Storage DS8900FCWE-306 5.0 Medium2024-06-06
CVE-2024-35142 IBM Security Verify Access privilege escalation — Security Verify Access DockerCWE-250 8.4 High2024-05-31
CVE-2024-35140 IBM Security Verify Access privilege escalation — Security Verify Access DockerCWE-295 7.7 High2024-05-31
CVE-2024-31907 IBM Planning Analytics 跨站脚本漏洞 — Planning Analytics LocalCWE-79 5.4 Medium2024-05-31
CVE-2024-31908 IBM Planning Analytics Local cross-site scripting — Planning Analytics LocalCWE-79 6.4 Medium2024-05-31
CVE-2024-31889 IBM Planning Analytics Local cross-site scripting — Planning Analytics LocalCWE-79 5.4 Medium2024-05-31
CVE-2024-22338 IBM Security Verify Access OIDC Provider information disclosure — Security Verify Access OIDC ProviderCWE-20 4.0 Medium2024-05-31
CVE-2022-43841 IBM Aspera Console information disclosure — Aspera ConsoleCWE-525 4.0 Medium2024-05-30
CVE-2022-43575 IBM Aspera Console cross-site scripting — Aspera ConsoleCWE-79 5.4 Medium2024-05-30
CVE-2022-43384 IBM Aspera Console cross-site scripting — Aspera ConsoleCWE-79 4.6 Medium2024-05-30
CVE-2023-42005 IBM Db2 on Cloud Pak for Data privilege escalation — Db2 on Cloud Pak for DataCWE-264 7.4 High2024-05-29
CVE-2023-37411 IBM Aspera Faspex cross-site scripting — Aspera FaspexCWE-79 4.8 Medium2024-05-28
CVE-2024-28793 IBM Engineering Workflow Management cross-site scripting — Engineering Workflow ManagementCWE-79 4.9 Medium2024-05-28
CVE-2023-47710 IBM Security Guardium cross-site scripting — Security GuardiumCWE-79 5.4 Medium2024-05-24
CVE-2024-27264 IBM Performance Tools for i privilege escalation — i 7.4 High2024-05-22
CVE-2024-31894 IBM App Connect Enterprise information disclosure — App Connect EnterpriseCWE-324 4.3 Medium2024-05-22
CVE-2024-31895 IBM App Connect Enterprise information disclosure — App Connect EnterpriseCWE-324 4.3 Medium2024-05-22
CVE-2024-31893 IBM App Connect Enterprise information disclosure — App Connect EnterpriseCWE-324 4.3 Medium2024-05-22
CVE-2024-31904 IBM App Connect Enterprise denial of service — App Connect EnterpriseCWE-248 6.5 Medium2024-05-22
CVE-2024-31879 IBM i denial of service — iCWE-502 7.5 High2024-05-18
CVE-2023-47717 IBM Security Guardium denial of service — Security Guardium 4.4 Medium2024-05-16
CVE-2024-27260 IBM AIX command execution — AIXCWE-250 8.4 High2024-05-16

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.