39 matches found
CVE-2026-2031
An Improper Access Control vulnerability in several internal API endpoints for Google Cloud Application Integration prior to 2026-01-23 allows a remote, unauthenticated attacker to disclose sensitive internal information and execute arbitrary code using specially crafted HTTP requests to...
EUVD-2026-30552
An Improper Access Control vulnerability in several internal API endpoints for Google Cloud Application Integration prior to 2026-01-23 allows a remote, unauthenticated attacker to disclose sensitive internal information and execute arbitrary code using specially crafted HTTP requests to...
CVE-2026-2031
An Improper Access Control vulnerability in several internal API endpoints for Google Cloud Application Integration prior to 2026-01-23 allows a remote, unauthenticated attacker to disclose sensitive internal information and execute arbitrary code using specially crafted HTTP requests to...
CVE-2026-2031
The CVE-2026-2031 entry describes an improper access control vulnerability in several internal API endpoints of Google Cloud Application Integration (prior to 2026-01-23). An unauthenticated remote attacker can disclose sensitive internal information and execute arbitrary code by sending speciall...
CVE-2026-2031 Google Cloud Application Integration: Exposed internal APIs allow Information Disclosure and Remote Code Execution.
An Improper Access Control vulnerability in several internal API endpoints for Google Cloud Application Integration prior to 2026-01-23 allows a remote, unauthenticated attacker to disclose sensitive internal information and execute arbitrary code using specially crafted HTTP requests to...
Google Cloud Application Integration 安全漏洞
Google Cloud Application Integration is a cloud-based integration platform offered by Google Inc., which supports cross-applicational connections, process orchestration, and API integration. Versions of Google Cloud Application Integration prior to version 2026-01-23 contained security...
PT-2026-41309
Name of the Vulnerable Software and Affected Versions Google Cloud Application Integration versions prior to 2026-01-23 Description Improper Access Control in several internal API endpoints allows a remote, unauthenticated attacker to disclose sensitive internal information and execute arbitrary...
Phishing campaign abuses Google Cloud services to steal Microsoft 365 logins
Attackers are sending very convincing fake “Google” emails that slip past spam filters, route victims through several trusted Google-owned services, and ultimately lead to a look-alike Microsoft 365 sign-in page designed to harvest usernames and passwords. Researchers found that cybercriminals us...
Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign
Cybersecurity researchers have disclosed details of a phishing campaign that involves the attackers impersonating legitimate Google-generated messages by abusing Google Cloud's Application Integration service to distribute emails. The activity, Check Point said, takes advantage of the trust...
EUVD-2021-21393
Malware in sbrugna...
EUVD-2025-1953
Malicious code in bioql PyPI...
IBM EntireX Path Traversal Vulnerability
IBM EntireX is a cross-platform application integration middleware developed by IBM to support data communication and transaction processing between heterogeneous systems. A path traversal vulnerability exists in IBM EntireX, which can be exploited by an attacker to view arbitrary files on a syst...
CVE-2025-0982
Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript...
CVE-2025-0982
Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript...
CVE-2025-0982
CVE-2025-0982 : Sandbox escape in Google Cloud Application Integration’s JavaScript Task (Rhino engine). The exploit would require crafted JavaScript code run by Rhino. Effective January 24, 2025, Rhino is no longer supported by Application Integration, and no further fix actions are needed. The ...
PT-2025-5810 · Google · Google Cloud Application Integration
Name of the Vulnerable Software and Affected Versions: Google Cloud Application Integration affected versions not specified Description: A sandbox escape issue in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted...
Oracle Siebel CRM (April 2013 CPU)
The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2013 CPU advisory. - Vulnerability in the Siebel Enterprise Application Integration component of Oracle Siebel CRM subcomponent: Web Services. Supported versions that...
Sentry improper error handling leaks Application Integration Client Secret
Impact During routine testing, we identified a scenario where a specific error message generated by our platform could include a plaintext Client ID and Client Secret for an application integration. The Client ID and Client Secret would not be displayed in the UI, but would be returned in the...
GHSA-V5H2-Q2W4-GPCX Sentry improper error handling leaks Application Integration Client Secret
Impact During routine testing, we identified a scenario where a specific error message generated by our platform could include a plaintext Client ID and Client Secret for an application integration. The Client ID and Client Secret would not be displayed in the UI, but would be returned in the...
CVE-2024-53253
Sentry is an error tracking and performance monitoring platform. Version 24.11.0, and only version 24.11.0, is vulnerable to a scenario where a specific error message generated by the Sentry platform could include a plaintext Client ID and Client Secret for an application integration. The Client ...