80 matches found
CVE-2025-36072
IBM webMethods Integration 10.11 through 10.11CoreFix22, 10.15 through 10.15CoreFix22, and 11.1 through 11.1CoreFix6 IBM webMethods Integration allow an authenticated user to execute arbitrary code on the system, caused by the deserialization of untrusted object graphs data...
CVE-2025-36072 IBM webMethods Integration Deserialization
IBM webMethods Integration 10.11 through 10.11CoreFix22, 10.15 through 10.15CoreFix22, and 11.1 through 11.1CoreFix6 IBM webMethods Integration allow an authenticated user to execute arbitrary code on the system, caused by the deserialization of untrusted object graphs data...
CVE-2025-36072
IBM webMethods Integration (on prem) is affected by CVE-2025-36072 due to deserialization of untrusted object graphs, enabling an authenticated user to execute arbitrary code. Affected versions include 10.11 through IS_10.11_Core_Fix22, 10.15 through IS_10.15_Core_Fix22, and 11.1 through IS_11.1_...
CVE-2025-36072 IBM webMethods Integration Deserialization
IBM webMethods Integration 10.11 through 10.11CoreFix22, 10.15 through 10.15CoreFix22, and 11.1 through 11.1CoreFix6 IBM webMethods Integration allow an authenticated user to execute arbitrary code on the system, caused by the deserialization of untrusted object graphs data...
IBM webMethods Integration 代码问题漏洞
IBM webMethods Integration is a hybrid enterprise iPaaS from International Business Machines IBM. A code issue vulnerability exists in IBM webMethods Integration versions 10.11 through 10.11CoreFix22, 10.15 through 10.15CoreFix22, and 11.1 through 11.1CoreFix6, which stems from deserialization of...
PT-2025-47639
Name of the Vulnerable Software and Affected Versions IBM webMethods Integration versions 10.11 through 10.11 Core Fix22 IBM webMethods Integration versions 10.15 through 10.15 Core Fix22 IBM webMethods Integration versions 11.1 through 11.1 Core Fix6 Description IBM webMethods Integration allows...
Security Bulletin: Due to the use of Eclipse JGit, IBM webMethods Integration is affected by denial of service, and other security issues.
Summary Eclipse JGit is used by IBM webMethods Integration in repository function CVE-2025-4949 Vulnerability Details CVEID:CVE-2025-4949 DESCRIPTION: In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implemen...
EUVD-2025-18657
Malicious code in bioql PyPI...
EUVD-2024-41296
Malicious code in bioql PyPI...
EUVD-2025-30821
Malicious code in bioql PyPI...
CVE-2025-36037
IBM webMethods Integration 10.15 and 11.1 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...
CVE-2025-36202
IBM webMethods Integration 10.15 and 11.1 could allow an authenticated user with required execute Services to execute commands on the system due to the improper validation of format string strings passed as an argument from an external source...
CVE-2025-36037
IBM webMethods Integration 10.15 and 11.1 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...
CVE-2025-36202
IBM webMethods Integration 10.15 and 11.1 could allow an authenticated user with required execute Services to execute commands on the system due to the improper validation of format string strings passed as an argument from an external source...
CVE-2025-36202
IBM webMethods Integration 10.15 and 11.1 could allow an authenticated user with required execute Services to execute commands on the system due to the improper validation of format string strings passed as an argument from an external source...
CVE-2025-36037 IBM webMethods Integration server-side request forgery
IBM webMethods Integration 10.15 and 11.1 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...
CVE-2025-36037 IBM webMethods Integration server-side request forgery
IBM webMethods Integration 10.15 and 11.1 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...
CVE-2025-36037
IBM webMethods Integration Server (on‑prem) versions 10.15 and 11.1 are affected by a server‑side request forgery (SSRF) vulnerability (CVE-2025-36037). The issue allows an authenticated attacker to cause unauthorized requests from the server, potentially enabling network enumeration. Remediation...
CVE-2025-36202
IBM webMethods Integration versions 10.15 and 11.1 are affected by a vulnerability caused by improper validation of format string arguments, allowing an authenticated user with required execute services to cause command execution on the system (CWE-134). The IBM Security Bulletin notes the affect...
CVE-2025-36202 IBM webMethods Integration code execution
IBM webMethods Integration 10.15 and 11.1 could allow an authenticated user with required execute Services to execute commands on the system due to the improper validation of format string strings passed as an argument from an external source...