Lucene search
K

1182 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/12 7:2 p.m.11 views

Security Bulletin: Security Vulnerability in Spring Cloud Affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-41235)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerability in Spring Cloud Vulnerability Details CVEID:CVE-2025-41235 DESCRIPTION: Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies. CWE:CWE-444:...

8.6CVSS7.9AI score0.0029EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/03/17 11:16 p.m.4 views

CVE-2025-14031

IBM Sterling B2B Integrator and and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11, and 6.2.2.0 could allow an unauthenticated attacker to send a specially crafted request that causes the application to crash...

7.5CVSS0.00337EPSS
Exploits0References1
CVE
CVE
added 2026/03/17 10:41 p.m.10 views

CVE-2025-14031

CVE-2025-14031 affects IBM Sterling B2B Integrator and IBM Sterling File Gateway: versions 6.1.0.0–6.1.2.7_2, 6.2.0.0–6.2.0.5_1, 6.2.1.0–6.2.1.1_1, and 6.2.2.0. An unauthenticated attacker can send a specially crafted request that causes the application to crash, enabling a denial-of-service cond...

7.5CVSS5.8AI score0.00337EPSS
Exploits0References1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/17 8:19 p.m.6 views

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to an access control security vulnerability in Ops server (CVE-2025-14031)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed access control security vulnerability Vulnerability Details CVEID:CVE-2025-14031 DESCRIPTION: IBM Sterling B2B Integrator and IBM Sterling File Gateway could allow an unauthenticated attacker to send a specially...

7.5CVSS5.8AI score0.00337EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.11 views

PT-2026-25955

IBM Sterling B2B Integrator and and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7 2, 6.2.0.0 through 6.2.0.5 1, 6.2.1.0 through 6.2.1.1 1, and 6.2.2.0 could allow an unauthenticated attacker to send a specially crafted request that causes the application to crash...

7.5CVSS5.8AI score0.00337EPSS
Exploits0References3
NVD
NVD
added 2026/03/13 7:53 p.m.5 views

CVE-2025-14504

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11, and 6.2.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering...

5.4CVSS0.0021EPSS
Exploits0References1
CVE
CVE
added 2026/03/13 7:15 p.m.10 views

CVE-2025-14483

CVE-2025-14483 affects IBM Sterling B2B Integrator and IBM Sterling File Gateway across multiple versions: 6.1.0.0–6.1.2.7_2, 6.2.0.0–6.2.0.5_1, 6.2.1.0–6.2.1.1_1, and 6.2.2.0. The issue is an information disclosure vulnerability where authenticated users can receive sensitive host information in...

6.5CVSS5.7AI score0.00241EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2026/03/13 7:8 p.m.13 views

CVE-2025-14504

CVE-2025-14504 affects IBM Sterling B2B Integrator and IBM Sterling File Gateway across multiple release lines: 6.1.0.0–6.1.2.7_2, 6.2.0.0–6.2.0.5_1, 6.2.1.0–6.2.1.1_1, and 6.2.2.0. The issue is a cross-site scripting (XSS) vulnerability that allows an authenticated user to inject arbitrary JavaS...

5.4CVSS5.5AI score0.0021EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2026/03/13 6:57 p.m.30 views

CVE-2026-0835

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11, and 6.2.2.0 are vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus alterin...

5.4CVSS0.0021EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 6:57 p.m.8 views

CVE-2026-0835

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11, and 6.2.2.0 are vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus alterin...

5.4CVSS5.5AI score0.0021EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.6 views

PT-2026-25362

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7 2, 6.2.0.0 through 6.2.0.5 1, and 6.2.1.0 through 6.2.1.1 1 are vulnerable to SQL injection. An administrative user could send specially crafted SQL statements, which could allow the attacker to view, add, modify, o...

6.5CVSS5.9AI score0.00314EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.9 views

IBM Sterling B2B Integrator和IBM Sterling File Gateway SQL注入漏洞

IBM Sterling B2B Integrator and IBM Sterling File Gateway are both products of International Business Machines IBM. IBM Sterling B2B Integrator is a software suite that integrates important B2B processes, transactions, and relationships. This software supports secure integration of complex B2B...

7.2CVSS5.9AI score0.00314EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.5 views

PT-2026-25350

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7 2, 6.2.0.0 through 6.2.0.5 1, 6.2.1.0 through 6.2.1.1 1, and 6.2.2.0 could disclose sensitive host information to authenticated users in responses that could be used in further attacks against the system...

4.3CVSS5.7AI score0.00241EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/12 3:42 p.m.5 views

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable to XSS security vulnerability in the dashboard UI (CVE-2023-40693)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the XSS security vulnerability Vulnerability Details CVEID:CVE-2023-40693 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed...

5.4CVSS5.5AI score0.00205EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/11 10:24 p.m.6 views

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to Cryptographic Weakness in IBM Liberty Server ( CVE-2020-36732)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the cryptographic weakness vulnerability Vulnerability Details CVEID:CVE-2020-36732 DESCRIPTION: The crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an intege...

5.3CVSS5.8AI score0.01075EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/11 10:20 p.m.8 views

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to information disclosure (CVE-2025-14483)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed information disclosure security vulnerability Vulnerability Details CVEID:CVE-2025-14483 DESCRIPTION: IBM Sterling B2B Integrator and IBM Sterling File Gateway could disclose sensitive host information to authenticat...

6.5CVSS5.7AI score0.00241EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/05 8:50 p.m.7 views

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway is Vulnerable to Denial of Service due to IBM Liberty Server (CVE-2025-36000)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the denial-of-service security vulnerability Vulnerability Details CVEID:CVE-2025-36000 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.8 is vulnerable to stored cross-site scripting. Th...

4.8CVSS5.1AI score0.00165EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/01/20 4:16 p.m.3 views

CVE-2025-36065

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system...

6.5CVSS5.8AI score0.00158EPSS
Exploits0References1
OSV
OSV
added 2026/01/20 4:16 p.m.7 views

CVE-2025-36066

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leadi...

6.1CVSS5.4AI score0.00172EPSS
Exploits0References1
NVD
NVD
added 2026/01/20 4:16 p.m.6 views

CVE-2025-36065

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system...

6.5CVSS0.00158EPSS
Exploits0References1
Rows per page
Query Builder