Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4629

Browse all 4629 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server Sterling B2B Integrator WebSphere Application Server Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager Rational Collaborative Lifecycle Management Security Key Lifecycle Manager i AIX Spectrum Protect Plus Robotic Process Automation Spectrum Scale UrbanCode Deploy Cognos Controller Aspera Faspex Sterling File Gateway Rational DOORS Next Generation Security Identity Governance and Intelligence Cloud Pak for Security Cloud Pak System Concert Financial Transaction Manager Content Navigator Jazz Reporting Service
CVE IDTitleCVSSSeverityPublished
CVE-2022-36776 IBM Cloud Pak for Security 跨站脚本漏洞 — Cloud Pak for SecurityCWE-79 5.4 Medium2022-11-11
CVE-2022-40750 IBM WebSphere Application Server cross-site scripting — WebSphere Application ServerCWE-79 5.4 Medium2022-11-11
CVE-2022-38385 IBM Cloud Pak for Security 输入验证错误漏洞 — Cloud Pak for Security CWE-20 7.1 High2022-11-11
CVE-2022-38387 IBM Cloud Pak for Security 操作系统命令注入漏洞 — Cloud Pak for SecurityCWE-78 7.1 High2022-11-11
CVE-2022-34331 IBM Power FW security bypass — Power FWCWE-287 5.5 Medium2022-11-11
CVE-2022-38710 IBM Robotic Process Automation information disclosure — Robotic Process AutomationCWE-497 5.3 -2022-11-03
CVE-2022-42442 IBM Robotic Process Automation for Cloud Pak information disclosure — Robotic Process Automation for Cloud Pak 4.0 -2022-11-03
CVE-2021-39077 IBM Security Guardium information disclosure — Security GuardiumCWE-319 4.4 Medium2022-11-03
CVE-2022-38388 IBM Navigator Mobile 安全漏洞 — Navigator Mobile 5.5 -2022-10-11
CVE-2022-34334 IBM Sterling Partner Engagement Manager 授权问题漏洞 — Sterling Partner Engagement Manager 8.1 -2022-10-10
CVE-2022-41291 IBM InfoSphere Information Server 代码问题漏洞 — InfoSphere Information Server 8.1 -2022-10-07
CVE-2022-36772 IBM InfoSphere Information Server 安全漏洞 — InfoSphere Information Server 6.5 -2022-10-07
CVE-2022-34308 IBM CICS TX 安全漏洞 — CICS TX Standard 5.5 -2022-10-07
CVE-2022-30613 IBM QRadar SIEM 安全漏洞 — QRadar SIEM 5.5 -2022-10-07
CVE-2022-22493 IBM WebSphere Automation 跨站请求伪造漏洞 — WebSphere Automation for Cloud Pak for Watson AIOps 8.8 -2022-10-07
CVE-2022-22480 IBM QRadar SIEM 安全漏洞 — QRadar SIEM 7.5 -2022-10-07
CVE-2022-41294 IBM Robotic Process Automation 访问控制错误漏洞 — Robotic Process Automation 6.5 -2022-10-06
CVE-2022-38709 IBM Robotic Process Automation 跨站脚本漏洞 — Robotic Process Automation 5.4 -2022-10-06
CVE-2022-36774 IBM Robotic Process Automation 授权问题漏洞 — Robotic Process Automation 6.5 -2022-10-06
CVE-2022-22503 IBM Robotic Process Automation 安全漏洞 — Robotic Process Automation 6.1 -2022-10-06
CVE-2022-39168 IBM Robotic Process Automation 安全漏洞 — Robotic Process Automation 5.5 -2022-09-29
CVE-2022-36771 IBM QRadar User Behavior Analytics 安全漏洞 — QRadar User Behavior Analytics 6.5 -2022-09-28
CVE-2022-35722 IBM Jazz for Service Management 跨站脚本漏洞 — Jazz for Service Management 5.4 -2022-09-28
CVE-2022-35282 IBM WebSphere Application Server 代码问题漏洞 — WebSphere Application Server 5.7 -2022-09-28
CVE-2022-22387 IBM Application Gateway 跨站脚本漏洞 — Application Gateway 5.4 -2022-09-28
CVE-2022-40748 IBM InfoSphere Information Server 跨站脚本漏洞 — InfoSphere Information Server 5.4 -2022-09-23
CVE-2022-35721 IBM Jazz for Service Management 跨站脚本漏洞 — Jazz for Service Management 5.4 -2022-09-23
CVE-2022-34348 IBM Sterling Partner Engagement Manager和IBM X-Force 代码问题漏洞 — Partner Engagement Manager 7.1 -2022-09-23
CVE-2022-22423 IBM Common Cryptographic Architecture 输入验证错误漏洞 — CCA for MTM 4767 5.5 -2022-09-23
CVE-2022-40616 IBM Maximo Asset Management 授权问题漏洞 — Maximo Asset Management 9.1 -2022-09-21

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.