Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how ibm compares to other vendors in security performance

View Risk Score →

Software

ibm aix
40
ibm websphere application server feature pack for web services
37
ibm maximo asset management
25
ibm websphere portal
14
ibm business process manager
12
ibm concert software
12
ibm control desk
12
ibm db2 universal database
12
ibm maximo asset management essentials
12
ibm tivoli it asset management for it
12
ibm infosphere data architect
11
ibm lotus domino
10
ibm rational quality manager
10
ibm rational team concert
10
ibm tivoli service request manager
10
ibm b2b sterling integrator
9
ibm infosphere master data management server for product information management
9
ibm maximo for life sciences
9
ibm maximo for nuclear power
9
ibm maximo for oil and gas
9
ibm maximo for transportation
9
ibm maximo for utilities
9
ibm maximo service desk
9
ibm rational requirements composer
9
ibm engineering requirements management doors next generation
8
ibm maximo for government
8
ibm qradar security information and event manager
8
ibm curam social program management
7
ibm db2 recovery expert for luw
7
ibm lotus domino mail server
7
ibm tivoli storage manager
7
ibm websphere mq appliance
7
ibm sametime
6
ibm security verify governance
6
ibm algorithmics
5
ibm cognos analytics
5
ibm db2
5
ibm infosphere information server
5
ibm websphere message broker
5
ibm aspera faspex 5
4
ibm change and configuration management database
4
ibm cloud orchestrator
4
ibm cognos business intelligence server
4
ibm collaborative lifecycle management
4
ibm flashcopy manager
4
ibm informix dynamic server
4
ibm infosphere biginsights
4
ibm infosphere master data management
4
ibm infosphere master data management collaboration server
4
ibm infosphere master data management collaborative server
4

IBM InfoSphere Information ServerIBM InfoSphere Information Server is vulnerable due to disclosure of sensitive information

Risk 17
Severity
3.1
First published (updated )
CVE-2025-14808

IBM watsonx.dataPrivileged User File Upload Vulnerability Leading to Limited Server-Side Execution affects watsonx.data

Risk 26
Severity
3.8
First published (updated )
CVE-2025-36183

npm/webpackwebpack buildHttp: allowedUris allow-list bypass via URL userinfo (@) leading to build-time SSRF behavior

Risk 25
Severity
3.7
First published (updated )
CVE-2025-68458

npm/webpackwebpack buildHttp HttpUriPlugin allowedUris bypass via HTTP redirects

Risk 25
Severity
3.7
First published (updated )
CVE-2025-68157

IBM Jazz Reporting ServiceIBM Jazz Reporting Service Denial of Service

Risk 19
Severity
3.5
First published (updated )
CVE-2025-2134
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

IBM Jazz Reporting ServiceIBM Jazz Reporting Service Information Disclosure

Risk 19
Severity
3.5
First published (updated )
CVE-2025-27550

IBM Jazz Reporting ServiceIBM Jazz Reporting Service Denial of Service

Risk 19
Severity
3.5
First published (updated )
CVE-2025-1823

IBM PowerVM HypervisorThis Power System update is being released to address

Risk 18
Severity
3.3
First published (updated )
CVE-2025-36194

npm/jsdiffjsdiff has a Denial of Service vulnerability in parsePatch and applyPatch

Risk 31
Severity
2.7
EPSS
0.02%
First published (updated )
CVE-2026-24001

IBM ApplinXMultiple vulnerabilities found in IBM ApplinX.

Risk 19
Severity
3.5
First published (updated )
CVE-2025-36411
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

pip/aiohttpAIOHTTP Vulnerable to Cookie Parser Warning Storm

Risk 29
Severity
2.7
First published (updated )
CVE-2025-69230

pypi/aiohttpAIOHTTP Regex Mismatch Allows Unicode in ASCII-Only Protocol Fields

Risk 29
Severity
2.7
First published (updated )
CVE-2025-69225

rubygems/uriURI Credential Leakage Bypass over CVE-2025-27221

Risk 43
Severity
2.1
First published (updated )
CVE-2025-61594

IBM Aspera FaspexIncorrect Execution-Assigned Permissions in IBM Aspera Faspex

Risk 26
Severity
3.8
First published (updated )
CVE-2025-36228

IBM ControllerIBM Controller Validation Bypass

Risk 16
Severity
2.7
First published (updated )
CVE-2025-36102
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

IBM QRadar Security Information and Event ManagerIBM QRadar SIEM is affected by an information disclosure vulnerability

Risk 16
Severity
2.7
First published (updated )
CVE-2024-56464

linuxfoundation Pytorch PythonAn issue was discovered in PyTorch v2.5 and v2.7.1. Omission of profiler.stop() can cause torch.prof…

Risk 18
Severity
3.3
First published (updated )
CVE-2025-63396

IBM TerracottaIBM Terracotta denial of service

Risk 20
Severity
3.7
First published (updated )
CVE-2025-2529

IBM Engineering Requirements Management DOORS NextIBM Engineering Requirements Management Doors Next data modification

Risk 19
Severity
3.5
First published (updated )
CVE-2025-2138

IBM Engineering Requirements Management DOORS NextIBM Engineering Requirements Management Doors Next security bypass

Risk 19
Severity
3.5
First published (updated )
CVE-2025-2139
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Microsoft azl3 rubygem-rexml 3.3.9-1REXML has a DoS condition when parsing malformed XML file

Risk 43
Severity
1.2
First published (updated )
CVE-2025-58767

IBM QRadar Security Information and Event ManagerIBM QRadar SIEM information disclosure

Risk 13
Severity
2.3
First published (updated )
CVE-2025-0164

npm/viteVite's `server.fs` settings were not applied to HTML files

Risk 27
Severity
2.3
First published (updated )
CVE-2025-58752

npm/viteVite middleware may serve files starting with the same name with the public directory

Risk 27
Severity
2.3
First published (updated )
CVE-2025-58751

Netty NettyNetty is vulnerable to request smuggling due to incorrect parsing of chunk extensions

Risk 43
Severity
2.9
First published (updated )
CVE-2025-58056
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

rubygems/activerecordActive Record logging vulnerable to ANSI escape injection

Risk 19
Severity
2.7
First published (updated )
CVE-2025-55193

Thor ThorOS Command Injection

Risk 16
Severity
2.8
First published (updated )
CVE-2025-54314

on-headers on-headerson-headers vulnerable to http response header manipulation

Risk 18
Severity
3.4
EPSS
0.01%
First published (updated )
CVE-2025-7339

pip/aiohttpAIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections

Risk 43
Severity
1.7
First published (updated )
CVE-2025-53643

Hugging Face TransformersImproper Input Validation in huggingface/transformers

Risk 19
Severity
3.5
First published (updated )
CVE-2025-3777
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203