CVE-2022-38391

IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982...

Security Bulletin: IBM Spectrum Control is vulnerable to weaknesses related to axios (CVE-2025-58754)

Summary axios is vulnerable to Denial of Service attacks. These vulnerabilities affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. When Axios prior to versions 0.30.2 and 1.12.0 runs on Node.js and...

Security Bulletin: IBM Spectrum Control is vulnerable to weakness related to xmldom (CVE-2021-32796)

Summary Vulnerability in JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2021-32796 DESCRIPTION: xmldom is an open source pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and...

Security Bulletin: IBM Spectrum Control is vulnerable to weakness related to Apache Commons FileUpload (CVE-2025-48976)

Summary Vulnerability in Apache Commons FileUpload allows denial of service may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. Thi...

Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM Spectrum Control

Summary Vulnerabilities in IBM® SDK, Java™ Technology Edition may affect IBM Spectrum Control which could allow a remote attacker to cause high confidentiality impact and high integrity impact. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related...

EUVD-2016-6877

Malware in sbrugna...

EUVD-2016-6880

Malware in sbrugna...

EUVD-2016-6881

Malware in sbrugna...

EUVD-2016-6878

Malware in sbrugna...

EUVD-2022-40977

Malicious code in bioql PyPI...

Security Bulletin: IBM Spectrum Control is vulnerable to weaknesses related to activemq-web (CVE-2012-6092, CVE-2015-6524, CVE-2016-0734, CVE-2011-4905, CVE-2012-6551, CVE-2013-1879, CVE-2013-1880)

Summary Cross-site scripting XSS, brute force attack, denial of service vulnerabilities in activemq-web may affect IBM Spectrum Control. CVE-2012-6092, CVE-2015-6524, CVE-2016-0734, CVE-2011-4905, CVE-2012-6551, CVE-2013-1879, CVE-2013-1880 Vulnerability Details CVEID:CVE-2012-6092 DESCRIPTION:...

Security Bulletin: IBM Spectrum Control is vulnerable to weaknesses related to Multer middleware of node.js (CVE-2025-47935)

Summary Multer is vulnerable to a denial of service attack. This vulnerability affects IBM Spectrum Control. CVE-2025-47935. Vulnerability Details CVEID:CVE-2025-47935 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. Versions prior to 2.0.0 are vulnerable to a resourc...

Security Bulletin: IBM Spectrum Control is vulnerable to weaknesses related to protobuf-java (CVE-2024-7254)

Summary protobuf-java is vulnerable to a StackOverflow attack. This vulnerability affects IBM Spectrum Control. CVE-2024-7254. Vulnerability Details CVEID:CVE-2024-7254 DESCRIPTION: Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of...

Security Bulletin: IBM Spectrum Control is vulnerable to weaknesses related to activemq-core (CVE-2014-3600, CVE-2013-1879, CVE-2015-6524, CVE-2011-4905)

Summary XML external entity XXE, cross-site scripting XSS, brute force attack, denial of service vulnerabilities in activemq-core may affect IBM Spectrum Control. CVE-2014-3600, CVE-2013-1879, CVE-2015-6524, CVE-2011-4905. Vulnerability Details CVEID:CVE-2014-3600 DESCRIPTION: XML external entity...

Security Bulletin: IBM Spectrum Control is vulnerable to weaknesses related to path-to-regexp (CVE-2024-52798)

Summary path-to-regexp is vulnerable to a backtracking attack. This vulnerability affects IBM Spectrum Control. CVE-2024-52798. Vulnerability Details CVEID:CVE-2024-52798 DESCRIPTION: path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a...

Security Bulletin: IBM Spectrum Control is vulnerable to weaknesses related to axios (CVE-2025-27152)

Summary axios is vulnerable to SSRF and credential leakage attacks. These vulnerabilities affect IBM Spectrum Control. CVE-2025-27152. Vulnerability Details CVEID:CVE-2025-27152 DESCRIPTION: axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute...

Security Bulletin: IBM Spectrum Control is vulnerable to weaknesses related to Camel-core (CVE-2020-11971)

Summary Rebind Flaw vulnerability in Camel-core may affect IBM Spectrum Control. CVE-2020-11971. Vulnerability Details CVEID:CVE-2020-11971 DESCRIPTION: Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrad...

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to Node.js

Summary Vulnerabilities in Node.js such as remote attacker bypass security restrictions may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2023-30581 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by the use of proto in...

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related IBM WebSphere Application Server Liberty and FasterXML jackson-databind

Summary Vulnerabilities in IBM WebSphere Application Server Liberty and FasterXML jackson-databind such as HTTP header injection, identity spoofing, denial of service may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0...

Security Bulletin: Vulnerability in OpenSSL affect BM Spectrum Control

Summary OpenSSL is vulnerable to a denial of service attack. This vulnerability affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error when performing certificate name checks e.g., TLS clients checking...