55 matches found

IBM Security Bulletins
added 2026/05/01 7:38 a.m. | 4 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to denial-of-service due to Jetty

Summary: A security vulnerability in Jetty's ThreadLimitHandler.getRemote can be exploited by unauthorized users to cause a remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutOfMemory errors and exhaust the server's memory. IBM Sterling Secure Proxy...

CVSS: 6.5 | AI score: 6.7 | EPSS: 0.01189
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/03/11 10:24 p.m. | 4 views

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to Cryptographic Weakness in IBM Liberty Server (CVE-2020-36732)

Summary: IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the cryptographic weakness vulnerability. Vulnerability Details: CVEID: CVE-2020-36732. DESCRIPTION: The crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an intege...

CVSS: 5.3 | AI score: 5.8 | EPSS: 0.00876
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/03/26 3:27 a.m. | 52 views

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to Cross-Site Scripting (CVE-2022-34330)

Summary: IBM Sterling B2B Integrator has addressed the cross-site scripting vulnerability. Vulnerability Details: CVEID: CVE-2022-34330. DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code i...

CVSS: 6.1 | AI score: 5.9 | EPSS: 0.00373
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/03/26 3:26 a.m. | 40 views

Security Bulletin: B2B API of IBM Sterling B2B Integrator is vulnerable to information disclosure (CVE-2022-22337)

Summary: IBM Sterling B2B Integrator has addressed the information disclosure vulnerability in B2B API. Vulnerability Details: CVEID: CVE-2022-22337. DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could disclose sensitive information to an authenticated user. CVSS Base score: 4.3 CVSS...

CVSS: 6.5 | AI score: 6 | EPSS: 0.00211
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/03/26 3:25 a.m. | 49 views

Security Bulletin: Dashboard of IBM Sterling B2B Integrator is vulnerable to cross-site scripting (CVE-2022-22352)

Summary: IBM Sterling B2B Integrator has addressed the cross-site scripting vulnerability in Dashboard. Vulnerability Details: CVEID: CVE-2022-22352. DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...

CVSS: 5.4 | AI score: 5.2 | EPSS: 0.00377
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/03/26 2:0 a.m. | 37 views

Security Bulletin: IBM Sterling File Gateway is vulnerable to information disclosure (CVE-2021-39086)

Summary: IBM Sterling File Gateway has addressed an information disclosure vulnerability. Vulnerability Details: CVEID: CVE-2021-39086. DESCRIPTION: IBM Sterling File Gateway could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the...

CVSS: 5.3 | AI score: 4.8 | EPSS: 0.00097
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/03/26 2:0 a.m. | 38 views

Security Bulletin: IBM Sterling B2B Integrator Dashboard UI is vulnerable to SQL Injection (CVE-2021-39085)

Summary: IBM Sterling B2B Integrator dashboard UI has addressed an SQL injection vulnerability. Vulnerability Details: CVEID: CVE-2021-39085. DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which...

CVSS: 9.8 | AI score: 9.8 | EPSS: 0.00227
Exploits: 0 | Affected Software: 1

Cvelist
added 2025/02/03 12:0 a.m. | 13 views

CVE-2024-56902

Information disclosure vulnerability in Geovision GV-ASManager web application with the version v6.1.0.0 or less, which discloses account information, including cleartext password...

EPSS: 0.33467
Exploits: 4 | References: 1

CNNVD
added 2024/11/15 12:0 a.m. | 1 views

IBM Sterling Secure Proxy Security Vulnerability

IBM Sterling Secure Proxy is an application agent from International Business Machines (IBM) for securing file transfers in an organization's unprotected zone (DMZ). A security vulnerability exists in IBM Sterling Secure Proxy versions 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0, which stems from a...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.00116
Exploits: 0 | References: 1

IBM Security Bulletins
added 2024/07/17 12:53 p.m. | 29 views

Security Bulletin: Multiple vulnerabilities in IBM JAVA JDK affect IBM Storage Scale packaged in IBM Storage Scale System

Summary: Multiple vulnerabilities in IBM Java JDK, used by IBM Storage Scale System GUI, could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact and no availability impact. CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926,...

CVSS: 7.4 | AI score: 6.8 | EPSS: 0.00319
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2024/05/30 3:24 p.m. | 18 views

Security Bulletin: B2B API of IBM Sterling B2B Integrator is vulnerable to information disclosure due to Springfox Swagger (CVE-2019-17495)

Summary: IBM Sterling B2B Integrator uses Springfox Swagger. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2019-17495. DESCRIPTION: Swagger UI could allow a remote attacker to obtain sensitive information, caused by a CSS injection flaw. ...

CVSS: 9.8 | AI score: 9.2 | EPSS: 0.11565
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2023/11/21 4:40 p.m. | 59 views

Security Bulletin: IBM Sterling B2B Integrator is affected by sensitive information exposure due to Apache James MIME4J (CVE-2022-45787)

Summary: IBM Sterling B2B Integrator uses Apache James MIME4J. Vulnerability Details: CVEID: CVE-2022-45787. DESCRIPTION: Apache James MIME4J could allow a local authenticated attacker to obtain sensitive information, caused by improper laxist permissions on the temporary files. By sending a...

CVSS: 5.5 | AI score: 6.1 | EPSS: 0.00009
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2023/11/21 4:37 p.m. | 42 views

Security Bulletin: IBM Sterling B2B Integrator affected by remote code execution due to Snake Yaml (CVE-2022-1471)

Summary: IBM Sterling B2B Integrator uses Snake Yaml. Vulnerability Details: CVEID: CVE-2022-1471. DESCRIPTION: SnakeYaml could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the Constructor class. By using a specially-crafted ya...

CVSS: 9.8 | AI score: 9.7 | EPSS: 0.93849
Exploits: 7 | Affected Software: 1

IBM Security Bulletins
added 2023/11/17 1:10 p.m. | 52 views

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to cross-site scripting (CVE-2022-43578)

Summary: IBM Sterling B2B Integrator has addressed the cross-site scripting security vulnerability. Vulnerability Details: CVEID: CVE-2022-43578. DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...

CVSS: 5.4 | AI score: 5.3 | EPSS: 0.00359
Exploits: 0 | Affected Software: 1

CNNVD
added 2023/05/24 12:0 a.m. | 4 views

Fabulatech FabulaTech USB for Remote Desktop Code Issue Vulnerability

Fabulatech FabulaTech USB for Remote Desktop is a USB device remote connection application from Fabulatech UK that supports redirection of USB devices plugged into the local computer to a remote computer. A code issue vulnerability exists in FabulaTech USB for Remote Desktop version 6.1.0.0, whic...

CVSS: 5.5 | AI score: 5 | EPSS: 0.00078
Exploits: 1 | References: 6

Positive Technologies
added 2023/05/24 12:0 a.m. | 3 views

PT-2023-2923 · Fabulatech · Fabulatech Usb For Remote Desktop

Name of the Vulnerable Software and Affected Versions: FabulaTech USB for Remote Desktop version 6.1.0.0. Description: A vulnerability was found in the IoControlCode Handler component of FabulaTech USB for Remote Desktop, affecting the function 0x220448/0x220420/0x22040c/0x220408. The manipulation...

CVSS: 5.5 | AI score: 7.1 | EPSS: 0.00078
Exploits: 1 | References: 8

Patchstack
added 2023/05/12 12:0 a.m. | 8 views

WordPress Community by PeepSo Plugin <= 6.0.9.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software: Community by PeepSo. Type: Plugin. Vulnerable versions: <= 6.0.9.0. Fixed in: 6.1.0.0. OWASP Top 10: A5: Broken Access Control. Classification: Cross Site Request Forgery (CSRF). CVE: CVE-2023-32092. Patch priority: Low. CVSS severity: Low (4.3). Developer: Claim ownership. PSID: b99f695dac2f. Credits: Skalucy...

CVSS: 8.8 | AI score: 6.6 | EPSS: 0.00097
Exploits: 0 | References: 1 | Affected Software: 1

CNVD
added 2023/02/21 12:0 a.m. | 27 views

IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2023-11694)

IBM Sterling B2B Integrator is a suite of software from International Business Machines (IBM) that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with different partner communities. A cross-site scripting...

CVSS: 5.4 | AI score: 2 | EPSS: 0.00377
Exploits: 0 | References: 1

IBM Security Bulletins
added 2023/02/09 7:5 p.m. | 33 views

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to improper permission controls (CVE-2022-40232)

Summary: IBM Sterling B2B Integrator has addressed the permission control security vulnerability. Vulnerability Details: CVEID: CVE-2022-40232. DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could allow an authenticated user to perform actions they should not have access to due to improper...

CVSS: 8.8 | AI score: 7.2 | EPSS: 0.00291
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2023/01/05 12:14 p.m. | 86 views

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to denial of service due to Google Gson (CVE-2022-25647)

Summary: IBM Sterling B2B Integrator has addressed a denial of service vulnerability in Google Gson. Vulnerability Details: CVEID: CVE-2022-25647. DESCRIPTION: Google Gson is vulnerable to a denial of service, caused by the deserialization of untrusted data. By using the writeReplace method, a remote...

CVSS: 7.7 | AI score: 7.4 | EPSS: 0.022
Exploits: 0 | Affected Software: 1