Lucene search
K

2422 matches found

Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.5 views

PT-2026-3588

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system...

6.3CVSS5.5AI score0.00158EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.5 views

PT-2026-3587

Name of the Vulnerable Software and Affected Versions IBM Sterling Connect:Express Adapter for Sterling B2B Integrator versions 5.2.0.00 through 5.2.0.12 Description The software does not invalidate session data after a user logs out. This could potentially allow an authenticated user to...

6.5CVSS5.4AI score0.00145EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/01/16 9:44 a.m.6 views

WordPress bidorbuy Store Integrator plugin <= 2.12.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Skalucy in WordPress Plugin bidorbuy Store Integrator versions = 2.12.0...

7.1CVSS6.1AI score0.00175EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 11:51 a.m.7 views

CVE-2009-4514

Cross-site scripting XSS vulnerability in the OpenSocial Shindig-Integrator module 5.x and 6.x before 6.x-2.1, a module for Drupal, allows remote authenticated users, with "create application" privileges, to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.6AI score0.00868EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:52 a.m.6 views

CVE-2022-33167

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the...

7.5CVSS5.9AI score0.00426EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:14 a.m.14 views

CVE-2019-2943

Vulnerability in the Oracle Data Integrator product of Oracle Fusion Middleware component: Studio. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Data Integrator. Successful...

6.5CVSS6.2AI score0.01494EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:31 a.m.6 views

CVE-2023-25682

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 247034...

6.2CVSS5.9AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:29 a.m.2 views

CVE-2023-50316

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...

9.8CVSS7.2AI score0.00341EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:29 a.m.9 views

CVE-2023-50307

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...

5.4CVSS6.1AI score0.00321EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:51 a.m.4 views

CVE-2021-2434

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Application Service. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

8.1CVSS6.6AI score0.00987EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:43 a.m.20 views

CVE-2022-33162

IBM Security Directory Integrator 7.2.0 and Security Verify Directory Integrator 10.0.0 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources, at the privilege level of a standard unprivileged user. IBM X-Force I...

9.8CVSS6.7AI score0.0043EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:37 a.m.8 views

CVE-2019-11654

Path traversal vulnerability in Micro Focus Verastream Host Integrator VHI, versions 7.7 SP2 and earlier, The vulnerability allows remote unauthenticated attackers to read arbitrary files...

8.6CVSS7AI score0.0257EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:17 a.m.7 views

CVE-2025-1349

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...

5.5CVSS6.4AI score0.00175EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/01 11:8 a.m.6 views

Security Bulletin: Multiple Security Vulnerabilities in IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-48795 CVE-2025-48913)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerabilities Vulnerability Details CVEID:CVE-2025-48795 DESCRIPTION: Apache CXF stores large stream based messages as temporary files on the local filesystem. A bug was introduced which means that the...

9.8CVSS7.1AI score0.00739EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/26 2:49 p.m.8 views

CVE-2025-36134

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie...

7.5CVSS6.2AI score0.00261EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/25 7:4 p.m.5 views

CVE-2025-36112

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could reveal sensitive server IP configuration information to an unauthorized user...

5.3CVSS6.4AI score0.00205EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/25 3:31 p.m.5 views

EUVD-2025-199597

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie...

3.7CVSS5.7AI score0.00261EPSS
Exploits0References2
NVD
NVD
added 2025/11/25 3:15 p.m.5 views

CVE-2025-36134

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie...

7.5CVSS0.00261EPSS
Exploits0References1
OSV
OSV
added 2025/11/25 3:15 p.m.3 views

CVE-2025-36134

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie...

7.5CVSS5.7AI score0.00261EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/25 2:40 p.m.8 views

CVE-2025-36134 IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie...

3.7CVSS0.00261EPSS
Exploits0References1
Rows per page
Query Builder