Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4629

Browse all 4629 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server Sterling B2B Integrator WebSphere Application Server Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager Rational Collaborative Lifecycle Management Security Key Lifecycle Manager i AIX Spectrum Protect Plus Robotic Process Automation Spectrum Scale UrbanCode Deploy Cognos Controller Aspera Faspex Sterling File Gateway Rational DOORS Next Generation Security Identity Governance and Intelligence Cloud Pak for Security Cloud Pak System Concert Financial Transaction Manager Content Navigator Jazz Reporting Service
CVE IDTitleCVSSSeverityPublished
CVE-2023-50935 IBM PowerSC forced browsing — PowerSCCWE-425 6.5 Medium2024-02-02
CVE-2023-50941 IBM PowerSC session fixation — PowerSCCWE-384 6.3 Medium2024-02-02
CVE-2023-50934 IBM PowerSC improper authentication — PowerSCCWE-308 5.3 Medium2024-02-02
CVE-2023-50940 IBM PowerSC cross-resource origin sharing — PowerSCCWE-942 5.3 Medium2024-02-02
CVE-2023-50936 IBM PowerSC session fixation — PowerSCCWE-613 6.3 Medium2024-02-02
CVE-2023-50327 IBM PowerSC weak security — PowerSCCWE-650 5.3 Medium2024-02-02
CVE-2023-50937 IBM PowerSC information disclosure — PowerSCCWE-327 5.9 Medium2024-02-02
CVE-2023-50933 IBM PowerSC HTML injection — PowerSC 6.1 Medium2024-02-02
CVE-2023-50326 IBM PowerSC information Disclosure — PowerSCCWE-307 7.5 High2024-02-02
CVE-2023-50939 IBM PowerSC information Disclosure — PowerSCCWE-327 5.9 Medium2024-02-01
CVE-2023-47141 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-20 5.3 Medium2024-01-22
CVE-2023-47158 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-20 5.3 Medium2024-01-22
CVE-2023-47152 IBM Db2 information disclosure — Db2 for Linux, UNIX and WindowsCWE-209 5.9 Medium2024-01-22
CVE-2023-27859 IBM Db2 code execution — Db2 for Linux, UNIX and Windows 6.5 Medium2024-01-22
CVE-2023-47747 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-20 5.3 Medium2024-01-22
CVE-2023-45193 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-20 5.9 Medium2024-01-22
CVE-2023-50308 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-20 6.5 Medium2024-01-22
CVE-2023-47746 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-20 5.3 Medium2024-01-22
CVE-2023-50963 IBM Storage Defender HTTP HOST header injection — Storage Defender - Data ProtectCWE-601 6.5 Medium2024-01-19
CVE-2023-32337 IBM Maximo Spatial Asset Management server-side request forgery — Maximo Spatial Asset ManagementCWE-918 5.4 Medium2024-01-19
CVE-2023-47718 IBM Maximo Asset Management cross-site request forgery — Maximo Asset ManagementCWE-352 4.3 Medium2024-01-19
CVE-2023-35020 IBM Sterling Control Center directory traversal — Sterling Control CenterCWE-22 5.4 Medium2024-01-19
CVE-2023-40683 IBM OpenPages with Watson privilege escalation — OpenPages with WatsonCWE-285 8.8 High2024-01-19
CVE-2023-38738 IBM OpenPages with Watson information disclosure — OpenPages with WatsonCWE-257 6.8 Medium2024-01-19
CVE-2024-22317 IBM App Connect Enterprise denial of service — App Connect EnterpriseCWE-307 9.1 Critical2024-01-18
CVE-2023-50950 IBM QRadar information disclosure — QRadar SIEMCWE-200 3.7 Low2024-01-17
CVE-2023-38267 IBM Security Access Manager Appliance information disclosure — Security Verify Access ApplianceCWE-311 6.2 Medium2024-01-11
CVE-2023-31001 IBM Security Access Manager Container information disclosure — Security Verify Access ApplianceCWE-257 5.1 Medium2024-01-11
CVE-2023-31003 IBM Security Access Manager Container privilege escalation — Security Verify Access ApplianceCWE-59 8.4 High2024-01-11
CVE-2023-45171 IBM AIX denial of service — AIXCWE-20 6.2 Medium2024-01-11

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.