Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

772 matches found

NVD
NVDadded 2019/06/25 4:15 p.m.18 views

CVE-2018-2011

IBM API Connect 2018.1 through 2018.4.1.5 could allow an attacker to obtain sensitive information from a specially crafted HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 155150...

5.3CVSS4.9AI score0.00535EPSS
Exploits0References3
NVD
NVDadded 2019/06/25 4:15 p.m.13 views

CVE-2019-4382

IBM API Connect 5.0.0.0 through 5.0.8.6 could allow an unauthorized user to obtain sensitive information about the system users using specially crafted HTTP requests. IBM X-Force ID: 162162...

5.3CVSS5AI score0.00338EPSS
Exploits0References3
OSV
OSVadded 2019/06/25 4:15 p.m.0 views

CVE-2019-4382

IBM API Connect 5.0.0.0 through 5.0.8.6 could allow an unauthorized user to obtain sensitive information about the system users using specially crafted HTTP requests. IBM X-Force ID: 162162...

5.3CVSS6.1AI score
Exploits0References3
OSV
OSVadded 2019/06/25 4:15 p.m.1 views

CVE-2018-2011

IBM API Connect 2018.1 through 2018.4.1.5 could allow an attacker to obtain sensitive information from a specially crafted HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 155150...

5.3CVSS5.8AI score
Exploits0References3
NVD
NVDadded 2019/06/25 4:15 p.m.18 views

CVE-2018-1858

IBM API Connect 5.0.0.0 through 5.0.8.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 151256...

8.8CVSS5.7AI score0.00139EPSS
Exploits0References4
NVD
NVDadded 2019/06/25 4:15 p.m.18 views

CVE-2018-2013

IBM API Connect 2018.1 through 2018.4.1.5 could disclose sensitive information to an unauthorized user that could aid in further attacks against the system. IBM X-Force ID: 155193...

5.3CVSS4.9AI score0.00222EPSS
Exploits0References3
Prion
Prionadded 2019/06/25 4:15 p.m.21 views

Cross site request forgery (csrf)

IBM API Connect 5.0.0.0 through 5.0.8.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 151256...

6.8CVSS8.2AI score0.00139EPSS
Exploits0References4Affected Software1
Prion
Prionadded 2019/06/25 4:15 p.m.15 views

Design/Logic Flaw

IBM API Connect 2018.1 through 2018.4.1.5 could allow an attacker to obtain sensitive information from a specially crafted HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 155150...

5CVSS4.8AI score0.00535EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2019/06/25 4:15 p.m.14 views

Code injection

IBM API Connect 5.0.0.0 through 5.0.8.6 could allow an unauthorized user to obtain sensitive information about the system users using specially crafted HTTP requests. IBM X-Force ID: 162162...

5CVSS4.8AI score0.00338EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2019/06/25 4:15 p.m.14 views

Design/Logic Flaw

IBM API Connect 2018.1 through 2018.4.1.5 could disclose sensitive information to an unauthorized user that could aid in further attacks against the system. IBM X-Force ID: 155193...

5CVSS4.8AI score0.00222EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2019/06/25 3:45 p.m.141 views

CVE-2019-4382

IBM API Connect 5.0.0.0–5.0.8.6 contains an information-disclosure vulnerability (CVE-2019-4382) that could allow an unauthenticated user to obtain sensitive information about system users via specially crafted HTTP requests. The issue affects the LoopBack component and is rated with CVSSv3 base ...

5.3CVSS4.9AI score0.00338EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2019/06/25 3:45 p.m.139 views

CVE-2018-1858

IBM API Connect 5.0.0.0–5.0.8.6 is affected by CVE-2018-1858, a cross-site request forgery that could allow an attacker to perform malicious, unauthorized actions transmitted from a trusted user. The remediation, per IBM, is to upgrade to V5.0.8.6 iFix 2 (5.0.8.6 iFix 2). Public CVSS scores vary ...

8.8CVSS8.4AI score0.00139EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2019/06/25 3:45 p.m.20 views

CVE-2018-2011

IBM API Connect 2018.1 through 2018.4.1.5 could allow an attacker to obtain sensitive information from a specially crafted HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 155150...

5.3CVSS4.9AI score0.00535EPSS
Exploits0References3
Cvelist
Cvelistadded 2019/06/25 3:45 p.m.19 views

CVE-2018-2013

IBM API Connect 2018.1 through 2018.4.1.5 could disclose sensitive information to an unauthorized user that could aid in further attacks against the system. IBM X-Force ID: 155193...

5.3CVSS4.9AI score0.00222EPSS
Exploits0References3
CVE
CVEadded 2019/06/25 3:45 p.m.113 views

CVE-2018-2013

CVE-2018-2013 affects IBM API Connect 2018.1–2018.4.1.5, where an information disclosure vulnerability could allow an unauthorized user to obtain sensitive data and aid further attacks. The CVSS base score is 5.3 (3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) per IBM/X-Force data, with NVD citing a ne...

5.3CVSS4.8AI score0.00222EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2019/06/25 3:45 p.m.19 views

CVE-2018-1858

IBM API Connect 5.0.0.0 through 5.0.8.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 151256...

4.3CVSS8.4AI score0.00139EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2019/06/25 12:0 a.m.3 views

PT-2019-9609 · Ibm · Ibm Api Connect

Name of the Vulnerable Software and Affected Versions: IBM API Connect versions 5.0.0.0 through 5.0.8.6 Description: The issue allows an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts due to cross-site request forgery. Recommendations: For...

8.8CVSS5.2AI score0.00139EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2019/06/25 12:0 a.m.2 views

PT-2019-9998 · Ibm · Ibm Api Connect

Name of the Vulnerable Software and Affected Versions: IBM API Connect versions 2018.1 through 2018.4.1.5 Description: The issue could disclose sensitive information to an unauthorized user, potentially aiding in further attacks against the system. Recommendations: For versions 2018.1 through...

5.3CVSS5.1AI score0.00222EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2019/06/25 12:0 a.m.3 views

PT-2019-9991 · Ibm · Ibm Api Connect

Name of the Vulnerable Software and Affected Versions: IBM API Connect versions 2018.1 through 2018.4.1.5 Description: The issue allows an attacker to obtain sensitive information from a specially crafted HTTP request, which could aid in further attacks against the system. Recommendations: For...

5.3CVSS5.1AI score0.00535EPSS
Exploits0References4
CNVD
CNVDadded 2019/06/21 12:0 a.m.2 views

IBM API Connect Cross-Site Request Forgery Vulnerability

IBM API Connect APIConnect is a suite of integrated solutions for managing the API lifecycle from IBM USA. The product supports creating, running, managing, and securing APIs, microservices, and more. A cross-site request forgery vulnerability exists in IBM API Connect versions 5.0.0.0 through...

8.8CVSS6.8AI score0.00139EPSS
Exploits0References1
Rows per page
Query Builder