CVE-2025-14604

IBM Storage Scale IBM S through rage Scale 5.2.3.0 - 5.2.3.5, and IBM S through rage Scale 6.0.0.0 - 6.0.0.1 could allow a local user to unintentionally trigger additional permissions for resources in a way that allows that resource to be executed by unintended actors...

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to Cross-Site Scripting (CVE-2022-34330)

Summary IBM Sterling B2B Integrator has addressed the cross-site scripting vulnerability Vulnerability Details CVEID:CVE-2022-34330 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code i...

Security Bulletin: B2B API of IBM Sterling B2B Integrator is vulnerable to information disclosure (CVE-2022-22337)

Summary IBM Sterling B2B Integrator has addressed the information disclousre vulnerability in B2B API Vulnerability Details CVEID:CVE-2022-22337 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could disclose sensitive information to an authenticated user. CVSS Base score: 4.3 CVSS...

Security Bulletin: Dashboard of IBM Sterling B2B Integrator is vulnerable to cross-site scripting (CVE-2022-22352)

Summary IBM Sterling B2B Integrator has addressed the cross-site scripting vulnerability in Dashboard. Vulnerability Details CVEID:CVE-2022-22352 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...

Security Bulletin: IBM Sterling B2B Integrator Dashboard UI is vulnerable to sensitive information exposure (CVE-2021-39087)

Summary IBM Sterling B2B Integrator dashboard UI has addressed a sensitive information exposure security vulnerability. Vulnerability Details CVEID:CVE-2021-39087 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could allow an authenticated user to obtain sensitive information due to...

Security Bulletin: IBM Sterling File Gateway is vulnerable to information disclosure (CVE-2021-39086)

Summary IBM Sterling File Gateway has addressed the an information discloure vulnerability. Vulnerability Details CVEID:CVE-2021-39086 DESCRIPTION: IBM Sterling File Gateway could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the...

Security Bulletin: IBM Sterling B2B Integrator Dashboard UI is vulner to SQL Injection (CVE-2021-39085)

Summary IBM Sterling B2B Integrator dashboard UI has addressed an SQL injection vulnerability. Vulnerability Details CVEID:CVE-2021-39085 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which...

Security Bulletin: IBM Sterling B2B Integrator is affected by security vulnerability in OpenSSH

Summary IBM Sterling B2B Integrator is affected by security vulnerability in OpenSSH Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity chec...

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to cross-site scripting (CVE-2024-31913 CVE-2024-31914)

Summary IBM Sterling B2B Integrator is vulnerable to cross-site scripting. Vulnerability Details CVEID:CVE-2024-31914 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the W...

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to information disclosure

Summary IBM Sterling B2B Integrator is vulnerable to information disclosure . Vulnerability Details CVEID:CVE-2024-27263 DESCRIPTION: IBM Sterling B2B Integrator could allow an authenticated user to obtain sensitive information from the dashboard UI using man in the middle techniques. CWE:CWE-300...

Security Bulletin: IBM B2B Sterling Integrator is affected by Fasterxml jackson-databind vulnerability to denial of service

Summary IBM B2B Sterling Integrator is affected by Fasterxml jackson-databind vulnerability to denial of service Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused by a stack-based overflow. By persuading a victim to ope...

Security Bulletin: IBM B2B Sterling Integrator is affected by Apache Axis vulnerability to server-side request forgery

Summary IBM B2B Sterling Integrator is affected by Apache Axis vulnerability to server-side request forgery. Vulnerability Details CVEID:CVE-2023-51441 DESCRIPTION: Apache Axis is vulnerable to server-side request forgery, caused by a improper input validation by the service admin HTTP API. By...

Security Bulletin: IBM B2B Sterling Integrator is vunerable to information disclosure due to Spring Boot

Summary IBM B2B Sterling Integrator is vunerable to information disclosure due to Spring Boot Vulnerability Details CVEID:CVE-2023-34055 DESCRIPTION: VMware Tanzu Spring Boot is vulnerable to a denial of service, caused by a flaw when application uses Spring MVC or Spring WebFlux or...

Security Bulletin: Security Vulnerabilities in IBM MQ Affect IBM Sterling B2B Integrator

Summary IBM Sterling B2B Integrator is affected by vulnerabilities in IBM MQ. Vulnerability Details CVEID:CVE-2024-25015 DESCRIPTION: IBM MQ 9.2 LTS, 9.3 LTS, and 9.3 CD Internet Pass-Thru could allow a remote user to cause a denial of service by sending HTTP requests that would consume all...

PT-2024-10279 · Ibm · Ibm Sterling Secure Proxy

Name of the Vulnerable Software and Affected Versions: IBM Sterling Secure Proxy versions 6.0.0.0 through 6.2.0.0 Description: The issue is related to improper validation of a specified type of input, which can allow a privileged user to inject commands into the underlying operating system. This...

Security Bulletin: IBM Sterling B2B Integrator is affected by sensitive information exposure due to Apache James MIME4J (CVE-2022-45787)

Summary IBM Sterling B2B Integrator uses Apache James MIME4J. Vulnerability Details CVEID: CVE-2022-45787 DESCRIPTION: Apache James MIME4J could allow a local authenticated attacker to obtain sensitive information, caused by improper laxist permissions on the temporary files. By sending a...

CVE-2023-5946

The Digirisk plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'currentgroupid' parameter in version 6.0.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...

IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2023-11694)

IBM Sterling B2B Integrator is a suite of software from International Business Machines IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with different partner communities.A cross-site scripting...

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to denial of service due to Netty (CVE-2021-37136, CVE-2021-37137)

Summary IBM Sterling B2B Intergrator has addressed the security vulnerabilities in Netty. Vulnerability Details CVEID:CVE-2021-37136 DESCRIPTION: Netty netty-codec is vulnerable to a denial of service, caused by not allow size restrictions for decompressed data in the Bzip2Decoder. By sending a...

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to denial of service due to Google Gson (CVE-2022-25647)

Summary IBM Sterling B2B Integrator has addressed a denial of service vulnerability in Google Gson. Vulnerability Details CVEID:CVE-2022-25647 DESCRIPTION: Google Gson is vulnerable to a denial of service, caused by the deserialization of untrusted data. By using the writeReplace method, a remote...