Lucene search
K

777 matches found

NVD
NVD
added yesterday8 views

CVE-2026-9074

IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains an unauthenticated SQL injection vulnerability in the password reset functionality...

9.1CVSS
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-9074

IBM API Connect is affected by an unauthenticated SQL injection in the password reset flow for versions 10.0.8.0–10.0.8.9 and 12.1.0.0–12.1.0.3. The issue is a server-side SQL injection vulnerability that can be exploited without authentication, with network access required and no user interactio...

9.1CVSS6AI score
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-42307

IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains an unauthenticated SQL injection vulnerability in the password reset functionality...

9.1CVSS6AI score
Exploits0References2
CVE
CVE
added yesterday7 views

CVE-2026-3144

CVE-2026-3144 affects IBM API Connect 12.1.0.0 through 12.1.0.3. The root cause is the use of default credentials, which could enable an attacker to gain unauthorized access to the application before credentials are updated. The available documents confirm the affected product and the credential-...

8.1CVSS5.9AI score
Exploits0References1
Cvelist
Cvelist
added yesterday7 views

CVE-2026-3144 IBM API Connect Default Credentials

IBM API Connect 12.1.0.0 through 12.1.0.3 uses default credentials which could allow an attacker to gain unauthorized access to the application before the system enforces a credential update...

8.1CVSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/11 11:57 p.m.21 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version v12.1.0.3 Vulnerability Details CVEID:CVE-2025-11187 DESCRIPTION: Issue summary: PBMAC1 parameters in PKCS12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer...

9.8CVSS8.1AI score0.47621EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/30 8:4 p.m.14 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version v12.1.0.2 Vulnerability Details CVEID:CVE-2012-6708 DESCRIPTION: jQuery before 1.9.0 is vulnerable to Cross-site Scripting XSS attacks. The jQuerystrInput function does not differentiate selectors from HTML in a reliable...

7.8CVSS6.7AI score0.87218EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/02 4:48 p.m.16 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.7 Vulnerability Details CVEID:CVE-2025-12818 DESCRIPTION: Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an...

7.6CVSS7AI score0.03092EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/06 5:13 p.m.19 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version v12.1.0.1 Vulnerability Details CVEID:CVE-2023-39804 DESCRIPTION: In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. CVSS Source: IBM X-Force CVSS Base...

8.6CVSS6.8AI score0.01082EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/30 5:20 p.m.33 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.6 Vulnerability Details CVEID:CVE-2021-3999 DESCRIPTION: A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A loc...

9.8CVSS6.8AI score0.08673EPSS
Exploits7Affected Software1
The Hacker News
The Hacker News
added 2025/12/31 1:37 p.m.8 views

Critical CVSS 9.8 Flaw Found in IBM API Connect Authentication System

IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application. The vulnerability, tracked as CVE-2025-13915 , is rated 9.8 out of a maximum of 10.0 on the CVSS scoring system. It has been described as an authentication...

9.8CVSS6.7AI score0.08673EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/27 1:38 p.m.6 views

CVE-2025-13915

IBM API Connect 10.0.8.0 through 10.0.8.5, and 10.0.11.0 could allow a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application...

9.8CVSS7AI score0.08673EPSS
Exploits0References1
OSV
OSV
added 2025/12/26 2:15 p.m.6 views

CVE-2025-13915

IBM API Connect 10.0.8.0 through 10.0.8.5, and 10.0.11.0 could allow a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application...

9.8CVSS5.8AI score0.08673EPSS
Exploits0References1
NVD
NVD
added 2025/12/26 2:15 p.m.5 views

CVE-2025-13915

IBM API Connect 10.0.8.0 through 10.0.8.5, and 10.0.11.0 could allow a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application...

9.8CVSS0.08673EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/26 1:16 p.m.24 views

CVE-2025-13915 Authentication bypass in IBM API Connect

IBM API Connect 10.0.8.0 through 10.0.8.5, and 10.0.11.0 could allow a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application...

9.8CVSS0.08673EPSS
Exploits0References1
CVE
CVE
added 2025/12/26 1:16 p.m.25 views

CVE-2025-13915

IBM API Connect is affected by CVE-2025-13915, a remote authentication bypass in versions 10.0.8.0–10.0.8.5 and 10.0.11.0. The issue allows an unauthenticated attacker to bypass authentication and gain unauthorized access to the application. IBM’s security bulletin recommends upgrading to version...

9.8CVSS6.6AI score0.08673EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/25 2:4 p.m.11 views

Security Bulletin: Authentication bypass in IBM API Connect

Summary Internal testing has revealed a potential authentication bypass in IBM API Connect Vulnerability Details CVEID:CVE-2025-13915 DESCRIPTION: IBM API Connect could allow a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application. CWE:CWE-305:...

9.8CVSS7AI score0.08673EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/12 7:8 p.m.16 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.5 Vulnerability Details CVEID:CVE-2020-36732 DESCRIPTION: The crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an integer, which makes the output more...

8.1CVSS7.5AI score0.035EPSS
Exploits4Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-12291

Malware in sbrugna...

9.9CVSS9.1AI score0.00713EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-25434

Malware in sbrugna...

5.4CVSS5.6AI score0.00381EPSS
Exploits0References3
Rows per page
Query Builder