Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4629

Browse all 4629 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server Sterling B2B Integrator WebSphere Application Server Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager Rational Collaborative Lifecycle Management Security Key Lifecycle Manager i AIX Spectrum Protect Plus Robotic Process Automation Spectrum Scale UrbanCode Deploy Cognos Controller Aspera Faspex Sterling File Gateway Rational DOORS Next Generation Security Identity Governance and Intelligence Cloud Pak for Security Cloud Pak System Concert Financial Transaction Manager Content Navigator Jazz Reporting Service
CVE IDTitleCVSSSeverityPublished
CVE-2023-50955 IBM InfoSphere Information Server information disclosure — InfoSphere Information ServerCWE-36 2.4 Low2024-02-21
CVE-2023-33843 IBM InfoSphere Information Server cross-site scripting — InfoSphere Information ServerCWE-79 5.4 Medium2024-02-21
CVE-2023-50306 IBM Common Licensing information disclosure — Common LicensingCWE-204 4.0 Medium2024-02-20
CVE-2022-41737 IBM Spectrum Scale security bypass — Storage Scale Container Native Storage AccessCWE-287 7.1 High2024-02-17
CVE-2022-41738 IBM Spectrum Scale security bypass — Storage Scale Container Native Storage AccessCWE-287 7.5 High2024-02-17
CVE-2022-42443 Trusteer for mobile file upload — Trusteer iOS SDKCWE-434 2.2 Low2024-02-17
CVE-2023-50951 IBM QRadar Suite information disclosure — QRadar Suite SoftwareCWE-532 4.0 Medium2024-02-17
CVE-2024-22337 IBM QRadar Suite information disclosure — QRadar Suite SoftwareCWE-532 5.1 Medium2024-02-17
CVE-2024-22336 IBM QRadar Suite information disclosure — QRadar Suite SoftwareCWE-532 5.1 Medium2024-02-17
CVE-2024-22335 IBM QRadar Suite information disclosure — QRadar Suite SoftwareCWE-532 5.1 Medium2024-02-17
CVE-2023-46186 IBM Jazz for Service Management information disclosure — Jazz for Service ManagementCWE-425 5.3 Medium2024-02-14
CVE-2022-22506 IBM Robotic Process Automation information disclosure — Robotic Process AutomationCWE-200 4.6 Medium2024-02-12
CVE-2022-34309 IBM CICS TX information disclosure — CICS TX StandardCWE-327 5.9 Medium2024-02-12
CVE-2022-34311 IBM CICS TX session fixation — CICS TX StandardCWE-522 4.3 Medium2024-02-12
CVE-2022-34310 IBM CICS TX information disclosure — CICS TX StandardCWE-327 5.9 Medium2024-02-12
CVE-2022-38714 IBM DataStage on Cloud Pak for Data information disclosure — DataStage on Cloud Pak for Data 4.9 Medium2024-02-12
CVE-2024-22313 IBM Storage Defender - Resiliency Service information disclosure — Storage Defender - Resiliency ServiceCWE-798 6.2 Medium2024-02-10
CVE-2024-22312 IBM Storage Defender - Resiliency Service information disclosure — Storage Defender - Resiliency ServiceCWE-256 4.4 Medium2024-02-10
CVE-2023-50957 IBM Storage Defender - Resiliency Service privilege escalation — Storage Defender - Resiliency ServiceCWE-312 8.0 High2024-02-10
CVE-2024-22361 IBM Semeru Runtime information disclosure — Semeru RuntimeCWE-327 5.9 Medium2024-02-10
CVE-2023-42016 IBM Sterling B2B Integrator information disclosure — Sterling B2B IntegratorCWE-614 4.3 Medium2024-02-09
CVE-2023-32341 IBM Sterling B2B Integrator denial of service — Sterling B2B IntegratorCWE-400 6.5 Medium2024-02-09
CVE-2024-22332 IBM Integration Bus for z/OS denial of service — Integration Bus for z/OSCWE-400 6.5 Medium2024-02-09
CVE-2023-45191 IBM Engineering Lifecycle Optimization information disclosure — Engineering Lifecycle Optimization - PublishingCWE-307 7.5 High2024-02-09
CVE-2023-45190 IBM Engineering Lifecycle Optimization HTTP header injection — Engineering Lifecycle Optimization - Publishing 5.1 Medium2024-02-09
CVE-2023-45187 IBM Engineering Lifecycle Optimization - Publishing session fixation — Engineering Lifecycle Optimization - PublishingCWE-613 6.3 Medium2024-02-09
CVE-2024-22318 IBM i Access Client Solutions information disclosure — i Access Client SolutionsCWE-327 5.1 Medium2024-02-09
CVE-2023-47700 IBM Storage Virtualize improper certificate validation — Storage VirtualizeCWE-295 5.9 Medium2024-02-07
CVE-2023-38369 IBM Security Access Manager Container information disclosure — Security Verify Access ApplianceCWE-521 6.2 Medium2024-02-07
CVE-2023-31002 IBM Security Access Manager Container information disclosure — Security Verify Access Appliance 5.1 Medium2024-02-07

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.