Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

IBM — Vulnerabilities & Security Advisories 4629

Browse all 4629 CVE security advisories affecting IBM. AI-powered Chinese analysis, POCs, and references for each vulnerability.

IBM operates as a multinational technology and consulting corporation, primarily providing enterprise software, hybrid cloud services, and artificial intelligence solutions. Its extensive portfolio, including the Red Hat OpenShift platform and Watson AI suite, creates a broad attack surface that has historically been associated with Remote Code Execution (RCE) vulnerabilities, particularly within web application frameworks and middleware. Cross-site scripting (XSS) and privilege escalation flaws also frequently appear in its legacy enterprise applications and containerized environments. While the company maintains robust security protocols, past incidents have included data breaches affecting customer information and supply chain compromises. The high volume of recorded Common Vulnerabilities and Exposures (CVEs) reflects the complexity and scale of its global infrastructure rather than inherent systemic failure, though it necessitates rigorous patch management and continuous monitoring for enterprise clients relying on its diverse technological stack.

Found 79 results / 4629Clear Filters
Top products by IBM: DB2 for Linux, UNIX and Windows InfoSphere Information Server Sterling B2B Integrator WebSphere Application Server Security Guardium QRadar SIEM Cognos Analytics MQ Maximo Asset Management API Connect Rational Quality Manager Rational Collaborative Lifecycle Management Security Key Lifecycle Manager i AIX Spectrum Protect Plus Robotic Process Automation Spectrum Scale UrbanCode Deploy Cognos Controller Aspera Faspex Sterling File Gateway Rational DOORS Next Generation Security Identity Governance and Intelligence Cloud Pak for Security Cloud Pak System Concert Financial Transaction Manager Content Navigator Jazz Reporting Service
CVE IDTitleCVSSSeverityPublished
CVE-2025-2986 IBM Maximo Asset Management cross-site scripting — Maximo Asset ManagementCWE-79 5.5 Medium2025-04-25
CVE-2025-2987 IBM Maximo Asset Management server-side request forgery — Maximo Asset ManagementCWE-918 3.8 Low2025-04-21
CVE-2024-45077 IBM Maximo Asset Management file upload — Maximo Asset ManagementCWE-98 6.5 Medium2025-01-24
CVE-2024-45652 IBM Maximo Asset Management directory traversal — Maximo Asset ManagementCWE-22 6.5 Medium2025-01-19
CVE-2024-45088 IBM Maximo Asset Management cross-site scripting — Maximo Asset ManagementCWE-79 6.4 Medium2024-11-11
CVE-2024-27266 IBM Maximo Application Suite XML external entity injection — Maximo Asset ManagementCWE-611 8.2 High2024-03-14
CVE-2023-38723 Maximo Asset Management cross-site scripting — Maximo Asset ManagementCWE-79 6.4 Medium2024-03-13
CVE-2023-32333 IBM Maximo Asset Management improper access control — Maximo Asset ManagementCWE-284 6.5 Medium2024-02-02
CVE-2023-47718 IBM Maximo Asset Management cross-site request forgery — Maximo Asset ManagementCWE-352 4.3 Medium2024-01-19
CVE-2023-32332 IBM Maximo Application Suite and IBM Maximo Asset Management HTML injection — Maximo Asset Management 5.4 Medium2023-09-08
CVE-2023-32334 IBM Maximo Asset Management information disclosure — Maximo Asset Management 3.7 Low2023-06-05
CVE-2022-43866 IBM Maximo Asset Management cross-site scripting — Maximo Asset ManagementCWE-79 5.4 Medium2023-05-05
CVE-2023-27864 IBM Maximo Asset Management HTML injection — Maximo Asset Management 5.4 Medium2023-04-28
CVE-2023-27860 IBM Maximo Asset Management information disclosure — Maximo Asset ManagementCWE-209 5.3 Medium2023-04-27
CVE-2022-35645 IBM Maximo Asset Management cross-site scripting — Maximo Asset ManagementCWE-79 6.4 Medium2023-03-02
CVE-2022-41734 IBM Maximo Asset Management information disclosure — Maximo Asset ManagementCWE-200 5.3 Medium2023-02-17
CVE-2022-35281 IBM Maximo Application Suite command injection — Maximo Asset ManagementCWE-1236 5.5 Medium2023-01-06
CVE-2022-40616 IBM Maximo Asset Management 授权问题漏洞 — Maximo Asset Management 9.1 -2022-09-21
CVE-2021-38924 IBM Maximo Asset Management 安全漏洞 — Maximo Asset Management 5.3 -2022-09-14
CVE-2022-35714 IBM Maximo Asset Management 跨站脚本漏洞 — Maximo Asset Management 5.4 -2022-08-26
CVE-2021-29854 IBM Maximo Asset Management 安全漏洞 — Maximo Asset Management 5.4 -2022-05-03
CVE-2022-22436 IBM Maximo Asset Management 跨站脚本漏洞 — Maximo Asset Management 5.4 -2022-04-21
CVE-2022-22435 IBM Maximo Asset Management 跨站脚本漏洞 — Maximo Asset Management 5.4 -2022-04-21
CVE-2021-38935 IBM Maximo Asset Management安全漏洞 — Maximo Asset Management 7.5 -2022-02-18
CVE-2021-29743 IBM Maximo Asset Management 跨站脚本漏洞 — Maximo Asset Management 5.4 -2021-08-30
CVE-2021-29744 IBM Maximo Asset Management 跨站脚本漏洞 — Maximo Asset Management 5.4 -2021-08-27
CVE-2021-20509 IBM Maximo Asset Management 注入漏洞 — Maximo Asset Management 9.8 -2021-08-12
CVE-2021-20374 IBM Maximo Asset Management 跨站脚本漏洞 — Maximo Asset Management 5.4 -2021-05-19
CVE-2020-4493 IBM Maximo Asset Management 授权问题漏洞 — Maximo Asset Management 9.8 -2020-10-05
CVE-2020-4409 IBM Maximo Asset Management 输入验证错误漏洞 — Maximo Asset Management 6.1 -2020-09-16

This page lists every published CVE security advisory associated with IBM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.