Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4629

Browse all 4629 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server Sterling B2B Integrator WebSphere Application Server Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager Rational Collaborative Lifecycle Management Security Key Lifecycle Manager i AIX Spectrum Protect Plus Robotic Process Automation Spectrum Scale UrbanCode Deploy Cognos Controller Aspera Faspex Sterling File Gateway Rational DOORS Next Generation Security Identity Governance and Intelligence Cloud Pak for Security Cloud Pak System Concert Financial Transaction Manager Content Navigator Jazz Reporting Service
CVE IDTitleCVSSSeverityPublished
CVE-2023-45169 IBM AIX denial of service — AIXCWE-20 6.2 Medium2024-01-11
CVE-2023-45173 IBM AIX denial of service — AIXCWE-20 6.2 Medium2024-01-11
CVE-2023-45175 IBM AIX denial of service — AIXCWE-20 6.2 Medium2024-01-11
CVE-2023-47140 IBM CICS Transaction Gateway improper access controls — CICS Transaction Gateway ContainersCWE-266 4.0 Medium2024-01-08
CVE-2023-50948 IBM Storage Fusion HCI information disclosure — Storage Fusion HCICWE-259 6.5 Medium2024-01-08
CVE-2023-47145 IBM Db2 for Windows privilege escalation — Db2 8.4 High2024-01-07
CVE-2023-49880 IBM Financial Transaction Manager for SWIFT Services data manipulation — Financial Transaction Manager for SWIFT Services 7.5 High2023-12-25
CVE-2021-38927 IBM Aspera Console cross-site scripting — Aspera ConsoleCWE-79 7.2 High2023-12-25
CVE-2023-43064 IBM i code execution — iCWE-427 7.0 High2023-12-25
CVE-2023-42017 IBM Planning Analytics file upload — Planning AnalyticsCWE-434 8.0 High2023-12-22
CVE-2023-45165 IBM AIX denial of service — AIXCWE-20 6.2 Medium2023-12-22
CVE-2023-35895 IBM Informix JDBC code execution — Informix JDBCCWE-78 6.3 Medium2023-12-20
CVE-2023-47707 IBM Security Guardium Key Lifecycle Manager cross-site scripting — Security Guardium Key Lifecycle ManagerCWE-79 5.4 Medium2023-12-20
CVE-2023-47703 IBM Security Guardium Key Lifecycle Manager information disclosure — Security Guardium Key Lifecycle ManagerCWE-209 5.3 Medium2023-12-20
CVE-2023-47702 IBM Security Guardium Key Lifecycle Manager directory traversal — Security Guardium Key Lifecycle ManagerCWE-22 4.3 Medium2023-12-20
CVE-2023-47706 IBM Security Guardium Key Lifecycle Manager file upload — Security Guardium Key Lifecycle ManagerCWE-434 6.6 Medium2023-12-20
CVE-2023-47705 IBM Security Guardium Key Lifecycle Manager improper input validation — Security Guardium Key Lifecycle ManagerCWE-20 4.3 Medium2023-12-20
CVE-2023-47704 IBM Security Guardium Key Lifecycle Manager information disclosure — Security Guardium Key Lifecycle ManagerCWE-798 4.0 Medium2023-12-20
CVE-2023-47161 IBM UrbanCode Deploy denial of service — UrbanCode DeployCWE-20 5.3 Medium2023-12-19
CVE-2023-42012 IBM UrbanCode Deploy denial of service — UrbanCode DeployCWE-20 6.2 Medium2023-12-19
CVE-2023-42013 IBM UrbanCode Deploy information disclosure — UrbanCode DeployCWE-209 5.3 Medium2023-12-19
CVE-2023-45172 IBM AIX denial of service — AIXCWE-20 6.2 Medium2023-12-19
CVE-2023-47146 IBM QRadar SIEM information disclosure — QRadar SIEMCWE-200 4.9 Medium2023-12-19
CVE-2023-42015 IBM UrbanCode Deploy HTML injection — UrbanCode Deploy 4.3 Medium2023-12-19
CVE-2023-40691 IBM Cloud Pak for Business Automation information disclosure — Cloud Pak for Business AutomationCWE-200 4.9 Medium2023-12-18
CVE-2023-47741 IBM i information disclosure — i 5.3 Medium2023-12-18
CVE-2023-46177 IBM MQ Appliance information disclosure — MQ ApplianceCWE-22 6.5 Medium2023-12-18
CVE-2023-45185 IBM i Access Client Solutions code execution — i Access Client SolutionsCWE-863 7.4 High2023-12-14
CVE-2023-45182 IBM i Access Client Solutions information disclosure — i Access Client SolutionsCWE-922 7.4 High2023-12-14
CVE-2023-45184 IBM i Access Client Solutions — i Access Client SolutionsCWE-922 6.2 Medium2023-12-14

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.