IBM News Articles
Recent news articles referencing the vendor's vulnerabilities.

IBM WebSphere Application Server Vulnerability Allows Remote Code Execution
A critical security vulnerability, tracked as CVE-2025-36038, has been discovered in IBM WebSphere Application Server.
2 weeks ago

IBM Backup Services Flaw Allows Hackers to Gain Elevated Access
A critical security vulnerability has been identified in IBM’s Backup, Recovery, and Media Services (BRMS) for IBM i, potentially exposing enterprise environments to privilege escalation attacks.

IBM Robotic Process Automation Vulnerability Let Attackers Obtain Sensitive Data
A newly disclosed security vulnerability in IBM Robotic Process Automation (RPA) has raised concerns about potential data breaches.

IBM Watsonx.ai Vulnerability Let Attackers Trigger XSS Attacks
A recently disclosed vulnerability, identified as CVE-2024-49785, has been found in IBM watsonx.ai, including its integration with IBM Cloud Pak for Data.

IBM watsonx.ai Vulnerability Let Attackers Embed Arbitrary JavaScript Code in Web UI
IBM disclosed a significant vulnerability in its watsonx.ai platform, potentially exposing users to cross-site scripting (XSS) attacks. The vulnerability, identified as CVE-2024-49785, affects both IBM watsonx.ai on Cloud Pak for Data and standalone IBM watsonx.ai installations. The security flaw al...

IBM Cognos Analytics Vulnerability Allows Malicious File Upload & Injection Attacks
IBM has released a critical security update for its Cognos Analytics software, addressing two severe vulnerabilities: CVE-2023-42017 and CVE-2024-51466.

IBM AIX Vulnerability Let Attackers Trigger DoS Condition
IBM has reported vulnerabilities in its AIX operating system that could allow attackers to cause a Denial of Service (DoS) condition.

IBM QRadar XSS Flaw Let Attackers Arbitrary JavaScript Code
A significant vulnerability was detected in IBM QRadar Suite Software and Cloud Pak for Security that allows attackers to execute arbitrary

CVE-2024-25029 Affects IBM's Personal Communications
IBM has released an advisory and client update to help users deal with CVE-2024-25029 but has stated that its exploitability is not yet certain.

Common Vulnerabilities and Exposures - Cloud WAF

CVE-2023-32331 : IBM STERLING CONNECT EXPRESS 1.5.0 ON UNIX MEMORY CORRUPTION - Cloud WAF
CVE-2023-32331 : IBM Connect:Express for UNIX 1.5.0 is vulnerable to a buffer overflow that could allow a remote attacker to cause a denial of service through its browser UI. IBM X-Force ID: 254979.

CVE-2024-22320 : IBM OPERATIONAL DECISION MANAGER UP TO 8.12.0.1 REQUEST DESERIALIZATION - Cloud WAF
CVE-2024-22320 : IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization.