Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4629

Browse all 4629 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server Sterling B2B Integrator WebSphere Application Server Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager Rational Collaborative Lifecycle Management Security Key Lifecycle Manager i AIX Spectrum Protect Plus Robotic Process Automation Spectrum Scale UrbanCode Deploy Cognos Controller Aspera Faspex Sterling File Gateway Rational DOORS Next Generation Security Identity Governance and Intelligence Cloud Pak for Security Cloud Pak System Concert Financial Transaction Manager Content Navigator Jazz Reporting Service
CVE IDTitleCVSSSeverityPublished
CVE-2023-38734 IBM Robotic Process Automation privilege escalation — Robotic Process Automation 6.6 Medium2023-08-22
CVE-2023-33850 IBM GSKit-Crypto information disclosure — TXSeries for MultiplatformsCWE-203 7.5 High2023-08-22
CVE-2023-38732 IBM Robotic Process Automation information disclosure — Robotic Process AutomationCWE-532 4.3 Medium2023-08-22
CVE-2023-35011 IBM Cognos Analytics server-side request forgey — Cognos AnalyticsCWE-918 5.4 Medium2023-08-16
CVE-2023-35009 IBM Cognos Analytics information disclosure — Cognos AnalyticsCWE-209 5.3 Medium2023-08-16
CVE-2023-35893 IBM Security Guardium command execution — Security GuardiumCWE-78 9.9 Critical2023-08-16
CVE-2023-38737 IBM WebSphere Application Server Liberty denial of service — WebSphere Application Server LibertyCWE-20 5.9 Medium2023-08-16
CVE-2023-38721 IBM i privilege escalation — iCWE-269 8.4 High2023-08-14
CVE-2023-38741 IBM TXSeries for Multiplatforms denial of service — TXSeries for MultiplatformsCWE-400 7.5 High2023-08-14
CVE-2023-23476 IBM Robotic Process Automation information disclosure — Robotic Process AutomationCWE-863 3.1 Low2023-08-02
CVE-2022-40609 IBM SDK, Java Technology Edition code execution — SDK, Java Technology EditionCWE-502 8.1 High2023-08-02
CVE-2020-4868 IBM TRIRIGA information disclosure — TRIRIGA Application PlatformCWE-209 4.3 Medium2023-07-31
CVE-2023-24971 IBM B2B Advanced Communication denial of service — B2B Advanced CommunicationsCWE-502 7.5 High2023-07-31
CVE-2023-22595 IBM B2B Advanced Communication cross-site scripting — B2B Advanced CommunicationsCWE-79 5.4 Medium2023-07-31
CVE-2022-43831 IBM Spectrum Scale privilege escalation — Storage Scale Container Native Storage Access 7.4 High2023-07-31
CVE-2023-35016 IBM Security Verify Governance path traversal — Security Verify Governance, Identity ManagerCWE-22 6.5 Medium2023-07-31
CVE-2023-35019 IBM Security Verify Governance command execution — Security Verify Governance, Identity ManagerCWE-78 7.2 High2023-07-31
CVE-2023-28530 IBM Cognos Analytics cross-site scripting — Cognos AnalyticsCWE-79 5.4 Medium2023-07-22
CVE-2023-25929 IBM Cognos Analytics cross-site scripting — Cognos AnalyticsCWE-79 4.6 Medium2023-07-22
CVE-2022-43910 IBM Security Guardium privilege escalation — Security Guardium 8.4 High2023-07-19
CVE-2022-43908 IBM Security Guardium denial of service — Security GuardiumCWE-20 4.3 Medium2023-07-19
CVE-2023-28513 IBM MQ denial of service — MQCWE-20 5.9 Medium2023-07-19
CVE-2023-26026 IBM Planning Analytics Cartridge for Cloud Pak for Data information disclosure — Planning Analytics Cartridge for Cloud Pak for DataCWE-200 5.3 Medium2023-07-19
CVE-2023-26023 IBM Planning Analytics Cartridge for Cloud Pak for Data information disclosure — Sterling Connect:Express for UNIXCWE-532 6.5 Medium2023-07-19
CVE-2023-27877 IBM Planning Analytics Cartridge for Cloud Pak for Data information disclosure — Planning Analytics Cartridge for Cloud Pak for DataCWE-200 5.3 Medium2023-07-19
CVE-2021-38933 IBM Sterling Connect:Express for UNIX information disclosure — Sterling Connect:Express for UNIXCWE-327 5.9 Medium2023-07-19
CVE-2023-29260 IBM Sterling Connect:Express for UNIX server-side request forgery — Sterling Connect:Express for UNIXCWE-918 6.5 Medium2023-07-19
CVE-2023-29259 IBM Sterling Connect:Express for UNIX information disclosure — Sterling Connect:Express for UNIX 3.7 Low2023-07-19
CVE-2023-35900 IBM Robotic Process Automation information disclosure — Robotic Process AutomationCWE-200 4.3 Medium2023-07-19
CVE-2023-33832 IBM Storage Protect denial of service — Storage ProtectCWE-20 6.2 Medium2023-07-19

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.