EUVD-2022-37305
Malicious code in bioql PyPI...
EUVD-2023-51820
Malicious code in bioql PyPI...
EUVD-2021-7858
Malicious code in bioql PyPI...
Security Bulletin: Multiple Vulnerabilities in IBM API Connect
Summary: Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.4. Vulnerability Details: CVEID: CVE-2016-10228. DESCRIPTION: The iconv program in the GNU C Library aka glibc or libc6 2.31 and earlier, when invoked with multiple suffixes in the destination encoding TRANSLATE or IGNO...
Security Bulletin: Multiple Vulnerabilities in IBM API Connect
Summary: Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.3. Vulnerability Details: CVEID: CVE-2013-4660. DESCRIPTION: The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote attackers to execute...
Security Bulletin: Multiple Vulnerabilities in IBM API Connect
Summary: Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.2-ifix2. Vulnerability Details: CVEID: CVE-2019-12900. DESCRIPTION: BZ2decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. CWE: CWE-787: Out-of-bounds Write. CVSS...
CVE-2023-47722
IBM API Connect V10.0.5.3 and V10.0.6.0 stores user credentials in browser cache which can be read by a local user. IBM X-Force ID: 271912...
CVE-2023-28522
IBM API Connect V10 could allow an authenticated user to perform actions that they should not have access to. IBM X-Force ID: 250585...
CVE-2022-34350
IBM API Connect 10.0.0.0 through 10.0.5.0, 10.0.1.0 through 10.0.1.7, and 2018.4.1.0 through 2018.4.1.20 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to...
Security Bulletin: Multiple Vulnerabilities in IBM API Connect
Summary: Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.2-ifix1. Vulnerability Details: CVEID: CVE-2025-1974. DESCRIPTION: A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve...
Security Bulletin: IBM API Connect is impacted by host header injection vulnerability (CVE-2021-38997)
Summary: IBM API Connect is impacted by host header injection vulnerability. The fix addresses the host header injection CVE-2021-38997. Vulnerability Details: CVEID: CVE-2021-38997. DESCRIPTION: IBM API Connect is vulnerable to HTTP header injection, caused by improper validation of input by the HOS...
Security Bulletin: Multiple Vulnerabilities in IBM API Connect
Summary: Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.2. Vulnerability Details: CVEID: CVE-2024-21236. DESCRIPTION: Oracle MySQL Server is vulnerable to a denial of service related to the InnoDB component. By sending a specially crafted request, a remote authenticated...
Design/Logic Flaw
IBM API Connect V10.0.5.3 and V10.0.6.0 stores user credentials in browser cache which can be read by a local user. IBM X-Force ID: 271912...
CVE-2023-47722 IBM API Connect information disclosure
IBM API Connect V10.0.5.3 and V10.0.6.0 stores user credentials in browser cache which can be read by a local user. IBM X-Force ID: 271912...
CVE-2023-47722
IBM API Connect vulnerability CVE-2023-47722 affects API Connect versions 10.0.5.3 and 10.0.6.0, where user credentials are stored in the browser cache and can be read by a local user. The issue is described in IBM security advisories and Red Hat/NVD entries, with a base CVSS v3.1 score of 5.5–6....
Security Bulletin: API Connect V10 is vulnerable to credential exposure
Summary: IBM API Connect V10 stores user credentials in browser cache which can be read by a local user (CVE-2023-47722). Vulnerability Details: CVEID: CVE-2023-47722. DESCRIPTION: IBM API Connect V10 stores user credentials in browser cache which can be read by a local user. CVSS Base score: 6.2. CVSS...
Security Bulletin: IBM API Connect is vulnerable to OpenSSL vulnerabilities (CVE-2022-4304, CVE-2023-0215, CVE-2023-0286)
Summary: IBM API Connect has addressed the following information disclosure and denial of service vulnerabilities in OpenSSL: CVE-2022-4304, CVE-2023-0215, and CVE-2023-0286. Vulnerability Details: CVEID: CVE-2022-4304. DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information...