Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4629

Browse all 4629 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server Sterling B2B Integrator WebSphere Application Server Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager Rational Collaborative Lifecycle Management Security Key Lifecycle Manager i AIX Spectrum Protect Plus Robotic Process Automation Spectrum Scale UrbanCode Deploy Cognos Controller Aspera Faspex Sterling File Gateway Rational DOORS Next Generation Security Identity Governance and Intelligence Cloud Pak for Security Cloud Pak System Concert Financial Transaction Manager Content Navigator Jazz Reporting Service
CVE IDTitleCVSSSeverityPublished
CVE-2022-43871 IBM Financial Transaction Manager for SWIFT Services cross-site scripting — Financial Transaction Manager for SWIFT ServicesCWE-79 4.6 Medium2023-04-29
CVE-2022-41736 IBM Spectrum Scale Container Native Storage Access privilege escalation — Spectrum Scale Container Native Storage Access 8.4 High2023-04-29
CVE-2023-26022 IBM Db2 denial of service — DB2 for Linux, UNIX and WindowsCWE-20 5.9 Medium2023-04-28
CVE-2023-26021 IBM Db2 denial of service — DB2 for Linux, UNIX and WindowsCWE-20 7.5 High2023-04-28
CVE-2023-27555 IBM Db2 denial of service — DB2 for Linux, UNIX and WindowsCWE-20 5.1 Medium2023-04-28
CVE-2023-25930 IBM Db2 denial of service — DB2 for Linux, UNIX and WindowsCWE-20 5.9 Medium2023-04-28
CVE-2023-27864 IBM Maximo Asset Management HTML injection — Maximo Asset Management 5.4 Medium2023-04-28
CVE-2023-28528 IBM AIX command execution — AIXCWE-78 8.4 High2023-04-28
CVE-2023-27557 IBM Safter Payments information disclosure — Safer PaymentsCWE-327 5.9 Medium2023-04-28
CVE-2020-4729 IBM Safer Payments denial of service — Safer Payments 5.3 Medium2023-04-28
CVE-2023-27556 IBM Safer Payments denial of service — Safer PaymentsCWE-770 6.5 Medium2023-04-28
CVE-2023-27860 IBM Maximo Asset Management information disclosure — Maximo Asset ManagementCWE-209 5.3 Medium2023-04-27
CVE-2023-24966 IBM WebSphere Application Server cross-site scripting — WebSphere Application ServerCWE-79 6.1 Medium2023-04-27
CVE-2023-30444 IBM Watson Machine Learning on Cloud Pak for Data server-side request forgery — Watson Machine Learning on Cloud Pak for DataCWE-918 7.1 High2023-04-27
CVE-2023-29255 IBM DB2 for Linux, UNIX and Windows denial of service — DB2 for Linux, UNIX and WindowsCWE-20 7.5 High2023-04-27
CVE-2023-27559 IBM Db2 denial of service — Db2 for Linux, UNIX and WindowsCWE-20 5.3 Medium2023-04-26
CVE-2023-29257 IBM Db2 code execution — Db2 for Linux, UNIX and Windows 7.2 High2023-04-26
CVE-2023-26286 IBM AIX privilege escalation — AIX 8.4 High2023-04-26
CVE-2022-36769 IBM Cloud Pak for Data file upload — Cloud Pak for DataCWE-77 7.2 High2023-04-26
CVE-2022-41739 IBM Spectrum Scale privilege escalation — Spectrum Scale Container Native Storage Access 7.9 High2023-04-26
CVE-2022-43928 IBM Db2 Mirror for i information disclosure — Db2 Mirror for i 4.9 Medium2023-04-07
CVE-2022-43914 IBM TRIRIGA Application Platform cross-site scripting — TRIRIGA Application PlatformCWE-79 4.6 Medium2023-04-07
CVE-2023-27876 IBM TRIRIGA Application Platform XML external entity injection — TRIRIGA Application PlatformCWE-611 7.1 High2023-04-07
CVE-2022-33959 IBM Sterling Order Management privilege escalation — Sterling Order Management 5.4 Medium2023-04-07
CVE-2022-34333 IBM Sterling Order Management information disclosure — Sterling Order ManagementCWE-521 5.9 Medium2023-04-07
CVE-2023-27286 IBM Aspera code execution — AsperaCWE-119 8.4 High2023-03-28
CVE-2023-27284 IBM Aspera code execution — AsperaCWE-119 8.4 High2023-03-28
CVE-2023-26283 IBM WebSphere Application Server cross-site scripting — WebSphere Application ServerCWE-79 5.4 Medium2023-03-22
CVE-2022-43863 IBM QRadar SIEM privilege escalation — QRadar SIEMCWE-20 6.7 Medium2023-03-22
CVE-2023-25684 IBM Security Key Lifecycle Manager SQL injection — Security Key Lifecycle ManagerCWE-89 6.5 Medium2023-03-21

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.