Vulnerabilidades em IBM

4.761 resultados
Análise Vexday

Com 4.716 CVEs catalogadas, o portfólio da IBM acumula um volume expressivo de vulnerabilidades, embora sua taxa de exploração ativa — 5 entradas no catálogo KEV da CISA, representando 0,11% do total — esteja abaixo da média geral do catálogo (0,45%), o que sugere menor aproveitamento ativo em comparação proporcional com outros vendors. A atenção deve se concentrar em CVE-2022-47986, cuja pontuação EPSS de 0,9997 indica probabilidade extremamente elevada de exploração ativa, tornando-a prioridade imediata de mitigação. As 92 CVEs críticas e 18 com PoC pública ampliam a superfície de risco concreto, especialmente considerando que 129 novas vulnerabilidades surgiram nos últimos 90 dias, indicando ritmo relevante de descoberta recente. O tipo de falha mais recorrente, CWE-79 (Cross-Site Scripting), aponta para fragilidades persistentes na camada de apresentação que exigem atenção continuada em práticas de desenvolvimento e validação de entrada.

CVE-2026-8646HIGHIBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilitiesEPSS 0.3%CVE-2024-28798HIGHIBM InfoSphere Information Server cross-site scriptingEPSS 0.3%CVE-2023-50961MEDIUMIBM QRadar cross-site scriptingEPSS 0.3%CVE-2026-10845HIGHIBM WebSphere Application Server is affected by an authentication bypass vulnerabilityEPSS 0.3%CVE-2026-11594HIGHIBM WebSphere Application Server is affected by multiple cross-site scripting vulnerabilitiesEPSS 0.3%CVE-2025-14031HIGHIBM Sterling B2B Integrator and IBM Sterling File Gateway Denial of ServiceEPSS 0.3%CVE-2023-50939MEDIUMIBM PowerSC information DisclosureEPSS 0.3%CVE-2022-40746HIGHIBM i Access Family 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0 could allow a local authenticated attacker to execute arbitrary code on EPSS 0.3%CVE-2017-1434IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) under unusual circumstances, could expose highly sensitive informatioEPSS 0.3%CVE-2023-23472LOWIBM InfoSphere Information Server information disclosureEPSS 0.3%CVE-2019-4448HIGHIBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum and db2hpum_debug binaEPSS 0.3%CVE-2025-2697HIGHIBM Cognos Command Center HTTP Open RedirectEPSS 0.3%CVE-2024-37070MEDIUMIBM Concert Software information disclosureEPSS 0.3%CVE-2026-1577MEDIUMIBM® Db2® is vulnerable to a denial of service with a specially crafted query involving multiple subqueriesEPSS 0.3%CVE-2024-49353HIGHIBM Watson Speech Services Cartridge for IBM Cloud Pak for Data denial of serviceEPSS 0.3%CVE-2024-52902HIGHIBM Cognos Controller information disclosureEPSS 0.3%CVE-2019-4093MEDIUMIBM Tivoli Storage Manager (IBM Spectrum Protect 8.1.7) could allow a user to restore files and directories using IBM Spectrum Prootect ClieEPSS 0.3%CVE-2025-13219MEDIUMMultiple vulnerabilities in IBM Aspera OrchestratorEPSS 0.3%CVE-2019-4054MEDIUMIBM QRadar SIEM 7.2 and 7.3 could allow a local user to obtain sensitive information when exporting content that could aid an attacker in fuEPSS 0.3%CVE-2025-1722MEDIUMMultiple Vulnerabilities in IBM Concert SoftwareEPSS 0.3%