Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4629

Browse all 4629 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server Sterling B2B Integrator WebSphere Application Server Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager Rational Collaborative Lifecycle Management Security Key Lifecycle Manager i AIX Spectrum Protect Plus Robotic Process Automation Spectrum Scale UrbanCode Deploy Cognos Controller Aspera Faspex Sterling File Gateway Rational DOORS Next Generation Security Identity Governance and Intelligence Cloud Pak for Security Cloud Pak System Concert Financial Transaction Manager Content Navigator Jazz Reporting Service
CVE IDTitleCVSSSeverityPublished
CVE-2023-22593 IBM Robotic Process Automation for Cloud Pak security configuration — Robotic Process Automation for Cloud Pak 4.0 Medium2023-06-27
CVE-2022-34352 IBM QRadar information disclosure — Security QRadar SIEMCWE-200 6.5 Medium2023-06-27
CVE-2023-26274 IBM QRadar cross-site scripting — Security QRadar SIEMCWE-79 4.6 Medium2023-06-27
CVE-2023-26276 IBM QRadar information disclosure — Security QRadar SIEMCWE-327 5.9 Medium2023-06-27
CVE-2023-26273 IBM QRadar security bypass — Security QRadar SIEMCWE-20 4.3 Medium2023-06-27
CVE-2023-32339 IBM Business Automation Workflow cross-site scripting — Business Automation WorkflowCWE-79 6.1 Medium2023-06-27
CVE-2023-33842 IBM SPSS Modeler information disclosure — SPSS Modeler 6.2 Medium2023-06-22
CVE-2023-28956 IBM Spectrum Protect Backup-Archive Client privilege escalation — Spectrum Protect Backup-Archive ClientCWE-266 8.4 High2023-06-22
CVE-2022-32752 IBM Security Directory Suite VA command execution — Security Directory Suite VACWE-78 7.2 High2023-06-15
CVE-2022-32757 IBM Security Directory Suite VA information disclosure — Security Directory Suite VACWE-307 7.5 High2023-06-15
CVE-2022-33166 IBM Security Directory Suite VA file upload — Security Directory Suite VACWE-434 7.2 High2023-06-15
CVE-2022-33159 IBM Security Directory Suite VA information disclosure — Security Directory Suite VACWE-200 5.3 Medium2023-06-15
CVE-2022-33168 IBM Security Directory Suite VA denial of service — Security Directory Suite VACWE-400 7.5 High2023-06-15
CVE-2022-33163 IBM Security Directory Suite VA information disclosure — Security Directory Suite VACWE-732 5.3 Medium2023-06-15
CVE-2023-25683 IBM PowerVM Hypervisor information disclosure — PowerVM HypervisorCWE-200 5.9 Medium2023-06-15
CVE-2022-22307 IBM Security Guardium privilege escalation — Security GuardiumCWE-863 4.4 Medium2023-06-15
CVE-2023-23480 IBM Sterling Partner Engagement Manager cross-site scripting — Sterling Partner Engagement ManagerCWE-79 5.4 Medium2023-06-08
CVE-2023-23481 IBM Sterling Partner Engagement Manager cross-site scripting — Sterling Partner Engagement ManagerCWE-79 6.4 Medium2023-06-08
CVE-2023-23482 IBM Sterling Partner Engagement Manager clickjacking — Sterling Partner Engagement Manager 5.4 Medium2023-06-08
CVE-2023-33846 IBM CICS TX cross-site scripting — TXSeries for MultiplatformsCWE-79 5.4 Medium2023-06-08
CVE-2023-33847 IBM CICS TX information disclosure — TXSeries for Multiplatforms 3.7 Low2023-06-08
CVE-2023-33849 IBM CICS TX information disclosure — TXSeries for MultiplatformsCWE-311 3.7 Low2023-06-07
CVE-2023-33848 IBM CICS TX information disclosure — TXSeries for MultiplatformsCWE-200 4.9 Medium2023-06-07
CVE-2023-0041 IBM Security Guardium session fixation — Security GuardiumCWE-613 6.3 Medium2023-06-05
CVE-2023-32334 IBM Maximo Asset Management information disclosure — Maximo Asset Management 3.7 Low2023-06-05
CVE-2023-27861 IBM Maximo Application Suite information disclosure — Maximo Application SuiteCWE-319 5.9 Medium2023-06-05
CVE-2023-27285 IBM Aspera buffer overflow — Aspera ConnectCWE-119 8.4 High2023-06-04
CVE-2023-22862 IBM Aspera information disclosure — Aspera ConnectCWE-523 5.9 Medium2023-06-04
CVE-2023-26278 IBM QRadar WinCollect Agent privilege escalation — QRadar WinCollect Agent 8.2 High2023-05-31
CVE-2023-26277 IBM QRadar WinCollect Agent privilege escalation — QRadar WinCollect Agent 7.8 High2023-05-31

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.