Vulnerabilidades en IBM
4716 resultadosCVE-2018-1821HIGHIBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vulnerable to a XML External Entity Injection (XXE) attack when processinEPSS 15.8%CVE-2020-4210CRITICALIBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafEPSS 15.5%CVE-2020-4222CRITICALIBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafEPSS 15.5%CVE-2020-4213CRITICALIBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafEPSS 15.5%CVE-2020-4212CRITICALIBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafEPSS 15.0%CVE-2019-4013CRITICALIBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This resulEPSS 14.1%CVE-2020-4469HIGHIBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially EPSS 13.4%CVE-2020-4464HIGHIBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to execute arbitrary code on a system withEPSS 13.2%CVE-2020-4448CRITICALIBM WebSphere Application Server Network Deployment 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the syEPSS 12.2%CVE-2016-9722—IBM QRadar 7.2 and 7.3 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by uEPSS 12.0%CVE-2018-1756HIGHIBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. A remote attacker could send specially-cEPSS 10.6%CVE-2018-1722CRITICALIBM Security Access Manager Appliance 9.0.4.0 and 9.0.5.0 could allow remote code execution when Advanced Access Control or Federation serviEPSS 9.0%CVE-2025-13915CRITICALAuthentication bypass in IBM API ConnectEPSS 8.7%CVE-2023-27290CRITICALIBM Observability with Instana missing authenticationEPSS 8.6%CVE-2017-1182—IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default clEPSS 8.5%CVE-2020-4589HIGHIBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specialEPSS 8.5%CVE-2020-4415CRITICALIBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allowEPSS 8.1%CVE-2025-36038CRITICALIBM WebSphere Application Server code executionEPSS 8.0%CVE-2019-4382MEDIUMIBM API Connect 5.0.0.0 through 5.0.8.6 could allow an unauthorized user to obtain sensitive information about the system users using speciaEPSS 7.8%CVE-2020-4682HIGHIBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deEPSS 7.7%