Ibm: Security Vulnerabilities
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing.
CVSS Score
9.1
EPSS Score
0.001
Published
2026-06-01
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls.
CVSS Score
9.0
EPSS Score
0.003
Published
2026-06-01
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data via JAX-WS endpoints with WS-Security.
CVSS Score
9.0
EPSS Score
0.003
Published
2026-06-01
IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data during deserialization using the SAML Web Single Sign-On component. This could result in remote code execution via a crafted HTTP request when combined with a suitable gadget chain.
CVSS Score
8.5
EPSS Score
0.003
Published
2026-06-01
IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages.
CVSS Score
4.3
EPSS Score
0.0
Published
2026-05-27
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a potential denial of service in the asperahttpd component. An unauthenticated user can cause the asperahttpd service to crash.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-05-27
IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" (LTR) can expose sensitive credentials in debug mode.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-05-27
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a potential arbitrary file read in the asperahttpd component. An authenticated user may be able to take advantage of this vulnerability to access files in the server’s local storage that they should not have access to.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-05-27
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could allow an authenticated user to execute arbitrary code on the system.
CVSS Score
8.8
EPSS Score
0.001
Published
2026-05-27
IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-05-27
Page 1