23 matches found

RedhatCVE
added 2026/01/09 8:42 a.m. | 6 views

CVE-2022-31161

Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for...

CVSS 10 | AI score 6.7 | EPSS 0.73007
Exploits: 3 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2024-53447

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 8.4 | EPSS 0.00291
Exploits: 2 | References: 1

IBM Security Bulletins
added 2025/03/26 3:27 a.m. | 53 views

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to Cross-Site Scripting (CVE-2022-34330)

Summary IBM Sterling B2B Integrator has addressed the cross-site scripting vulnerability Vulnerability Details CVEID:CVE-2022-34330 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code i...

CVSS 6.1 | AI score 5.9 | EPSS 0.00373
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/03/26 3:26 a.m. | 40 views

Security Bulletin: B2B API of IBM Sterling B2B Integrator is vulnerable to information disclosure (CVE-2022-22337)

Summary IBM Sterling B2B Integrator has addressed the information disclosure vulnerability in B2B API Vulnerability Details CVEID:CVE-2022-22337 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could disclose sensitive information to an authenticated user. CVSS Base score: 4.3 CVSS...

CVSS 6.5 | AI score 6 | EPSS 0.00211
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/03/26 3:25 a.m. | 49 views

Security Bulletin: Dashboard of IBM Sterling B2B Integrator is vulnerable to cross-site scripting (CVE-2022-22352)

Summary IBM Sterling B2B Integrator has addressed the cross-site scripting vulnerability in Dashboard. Vulnerability Details CVEID:CVE-2022-22352 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...

CVSS 5.4 | AI score 5.2 | EPSS 0.00377
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/03/26 2:0 a.m. | 37 views

Security Bulletin: IBM Sterling File Gateway is vulnerable to information disclosure (CVE-2021-39086)

Summary IBM Sterling File Gateway has addressed an information disclosure vulnerability. Vulnerability Details CVEID:CVE-2021-39086 DESCRIPTION: IBM Sterling File Gateway could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the...

CVSS 5.3 | AI score 4.8 | EPSS 0.00097
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/03/26 2:0 a.m. | 38 views

Security Bulletin: IBM Sterling B2B Integrator Dashboard UI is vulnerable to SQL Injection (CVE-2021-39085)

Summary IBM Sterling B2B Integrator dashboard UI has addressed an SQL injection vulnerability. Vulnerability Details CVEID:CVE-2021-39085 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which...

CVSS 9.8 | AI score 9.8 | EPSS 0.00227
Exploits: 0 | Affected Software: 1

Cvelist
added 2025/02/03 12:0 a.m. | 13 views

CVE-2024-56903

Geovision GV-ASWeb with the version 6.1.1.0 or less allows attackers to modify POST request method with the GET against critical functionalities, such as account management. This vulnerability is used in chain with CVE-2024-56901 for a successful CSRF attack...

EPSS 0.00291
Exploits: 2 | References: 1

IBM Security Bulletins
added 2023/11/21 4:40 p.m. | 60 views

Security Bulletin: IBM Sterling B2B Integrator is affected by sensitive information exposure due to Apache James MIME4J (CVE-2022-45787)

Summary IBM Sterling B2B Integrator uses Apache James MIME4J. Vulnerability Details CVEID: CVE-2022-45787 DESCRIPTION: Apache James MIME4J could allow a local authenticated attacker to obtain sensitive information, caused by improper laxist permissions on the temporary files. By sending a...

CVSS 5.5 | AI score 6.1 | EPSS 0.00009
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2023/01/05 12:14 p.m. | 86 views

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to denial of service due to Google Gson (CVE-2022-25647)

Summary IBM Sterling B2B Integrator has addressed a denial of service vulnerability in Google Gson. Vulnerability Details CVEID:CVE-2022-25647 DESCRIPTION: Google Gson is vulnerable to a denial of service, caused by the deserialization of untrusted data. By using the writeReplace method, a remote...

CVSS 7.7 | AI score 7.4 | EPSS 0.022
Exploits: 0 | Affected Software: 1

Prion
added 2022/07/15 9:15 p.m. | 20 views

Design/Logic Flaw

Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for...

CVSS 7.5 | AI score 9.4 | EPSS 0.73007
Exploits: 3 | References: 3 | Affected Software: 1

Cvelist
added 2022/07/15 12:0 a.m. | 21 views

CVE-2022-31161 Roxy-WI Vulnerable to Unauthenticated Remote Code Execution via ssl_cert Upload

Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for...

CVSS 10 | AI score 9.7 | EPSS 0.73007
Exploits: 3 | References: 3

OSV
added 2022/07/15 12:0 a.m. | 24 views

CVE-2022-31161 Roxy-WI Vulnerable to Unauthenticated Remote Code Execution via ssl_cert Upload

Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for...

CVSS 10 | AI score 8.9 | EPSS 0.73007
Exploits: 3 | References: 5

CNVD
added 2021/10/10 12:0 a.m. | 26 views

IBM Sterling B2B Integrator SQL Injection Vulnerability (CNVD-2021-87020)

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with different partner communities. IBM Sterling B2B Integrator Standard Edition in versions...

CVSS 9.8 | AI score 3 | EPSS 0.00358
Exploits: 0 | References: 1

IBM Security Bulletins
added 2021/10/05 9:1 p.m. | 14 views

Security Bulletin: XXE Vulnerability in Drools Affects IBM Sterling B2B Integrator (CVE-2014-8125)

Summary IBM Sterling B2B Integrator has addressed the security vulnerability. Vulnerability Details CVEID: CVE-2014-8125 DESCRIPTION: Drools and jBPM could allow a remote attacker to obtain sensitive information, caused by an XML External Entity Injection XXE error within the jBPM runtime. By...

CVSS 7.5 | AI score 6.1 | EPSS 0.00957
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2021/10/05 8:46 p.m. | 39 views

Security Bulletin: Apache Commons BeanUtils Vulnerabilities Affect IBM Sterling B2B Integrator (CVE-2014-0114, CVE-2019-10086)

Summary IBM Sterling B2B Integrator has addressed the security vulnerabilities. Vulnerability Details CVEID: CVE-2014-0114 DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the setting of Class Loader attributes. An...

CVSS 7.5 | AI score 8.7 | EPSS 0.92332
Exploits: 5 | Affected Software: 1

IBM Security Bulletins
added 2021/10/05 8:41 p.m. | 35 views

Security Bulletin: Jackson-Dataformats Vulnerability Affects the B2B API of IBM Sterling B2B Integrator (CVE-2020-28491)

Summary IBM Sterling B2B Integrator has addressed the security vulnerability Vulnerability Details CVEID: CVE-2020-28491 DESCRIPTION: FasterXML jackson-dataformats-binary is vulnerable to a denial of service, caused by an unchecked allocation of byte buffer flaw. By sending a specially-crafted...

CVSS 7.5 | AI score 1.8 | EPSS 0.00317
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2021/10/05 7:55 p.m. | 35 views

Security Bulletin: XStream Vulnerability Affects IBM Sterling B2B Integrator (CVE-2021-29505)

Summary IBM Sterling B2B Integrator has addressed the security vulnerability. Vulnerability Details CVEID: CVE-2021-29505 DESCRIPTION: XStream could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper input validation. By manipulating the...

CVSS 8.8 | AI score 2.4 | EPSS 0.90349
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2021/10/05 7:14 p.m. | 19 views

Security Bulletin: Cross-Site Request Forgery Vulnerability Affects IBM Sterling B2B Integrator (CVE-2021-29837)

Summary IBM Sterling B2B Integrator has addressed the security vulnerability. Vulnerability Details CVEID: CVE-2021-29837 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized action...

CVSS 8.8 | AI score 1.2 | EPSS 0.00109
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2021/10/05 6:57 p.m. | 25 views

Security Bulletin: Weaker Cryptographic Algorithm Vulnerability Affects IBM Sterling B2B Integrator (CVE-2021-38925)

Summary IBM Sterling B2B Integrator has addressed the security vulnerability. Vulnerability Details CVEID: CVE-2021-38925 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive...

CVSS 7.5 | AI score 1.4 | EPSS 0.00112
Exploits: 0 | Affected Software: 1