Lucene search
K

2022 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/01/13 12:43 p.m.7 views

Security Bulletin: IBM B2B Advanced Communications is affected by vulnerabilities in kjd/idna library

Summary IBM B2B Advanced Communications has addressed vulnerabilities in idna library shipped with product CVE-2024-3651. Vulnerability Details CVEID:CVE-2024-3651 DESCRIPTION: A vulnerability was identified in the kjd/idna library, specifically within the idna.encode function, affecting version...

7.5CVSS6.3AI score0.01386EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 12:33 p.m.9 views

CVE-2023-31860

Wuzhi CMS v3.1.2 has a storage type XSS vulnerability in the backend of the Five Finger CMS b2b system...

5.4CVSS6AI score0.00384EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:32 p.m.16 views

CVE-2023-4703

The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly validate parameters when updating user details, allowing an unauthenticated attacker to update the details of any user. Updating the password of an Admin user leads to privilege escalation...

7.5CVSS7.1AI score0.00569EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:31 a.m.7 views

CVE-2023-25682

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 247034...

6.2CVSS5.9AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:29 a.m.9 views

CVE-2023-50307

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...

5.4CVSS6.1AI score0.00321EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:33 a.m.5 views

CVE-2024-39597

In SAP Commerce, a user can misuse the forgotten password functionality to gain access to a Composable Storefront B2B site for which early login and registration is activated, without requiring the merchant to approve the account beforehand. If the site is not configured as isolated site, this ca...

7.2CVSS7.2AI score0.00282EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:18 a.m.8 views

CVE-2025-1348

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local user to obtain sensitive information from a user’s web browser cache due to not using a suitable caching policy...

4CVSS6.2AI score0.00128EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:17 a.m.8 views

CVE-2025-1349

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...

5.5CVSS6.4AI score0.00175EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/01 11:8 a.m.6 views

Security Bulletin: Multiple Security Vulnerabilities in IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-48795 CVE-2025-48913)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerabilities Vulnerability Details CVEID:CVE-2025-48795 DESCRIPTION: Apache CXF stores large stream based messages as temporary files on the local filesystem. A bug was introduced which means that the...

9.8CVSS7.1AI score0.00793EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/26 2:49 p.m.8 views

CVE-2025-36134

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie...

7.5CVSS6.2AI score0.00261EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/25 7:4 p.m.5 views

CVE-2025-36112

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could reveal sensitive server IP configuration information to an unauthorized user...

5.3CVSS6.4AI score0.00205EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/25 3:31 p.m.5 views

EUVD-2025-199597

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie...

3.7CVSS5.7AI score0.00261EPSS
Exploits0References2
NVD
NVD
added 2025/11/25 3:15 p.m.6 views

CVE-2025-36134

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie...

7.5CVSS0.00261EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/25 12:0 a.m.7 views

PT-2025-48033

Name of the Vulnerable Software and Affected Versions IBM Sterling B2B Integrator and IBM Sterling File Gateway versions 6.0.0.0 through 6.1.2.7 IBM Sterling B2B Integrator and IBM Sterling File Gateway versions 6.2.0.0 through 6.2.0.5 IBM Sterling B2B Integrator and IBM Sterling File Gateway...

7.5CVSS6AI score0.00261EPSS
Exploits0References5
EUVD
EUVD
added 2025/11/24 9:30 p.m.6 views

EUVD-2025-198981

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could reveal sensitive server IP configuration information to an unauthorized user...

5.3CVSS6AI score0.00205EPSS
Exploits0References2
OSV
OSV
added 2025/11/24 7:15 p.m.2 views

CVE-2025-36112

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could reveal sensitive server IP configuration information to an unauthorized user...

5.3CVSS5.8AI score
Exploits0References1
CVE
CVE
added 2025/11/24 6:25 p.m.13 views

CVE-2025-36112

The CVE-2025-36112 issue affects IBM Sterling B2B Integrator and IBM Sterling File Gateway, specifically versions 6.0.0.0–6.1.2.7_1, 6.2.0.0–6.2.0.5, and 6.2.1.1, where an information disclosure vulnerability could reveal sensitive server IP configuration information to an unauthorized user. The ...

5.3CVSS6.1AI score0.00205EPSS
Exploits0References1Affected Software2
Snyk
Snyk
added 2025/11/24 4:44 a.m.2 views

Malicious Package

Overview lululemon-b2b-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
CNNVD
CNNVD
added 2025/11/24 12:0 a.m.5 views

IBM Sterling B2B Integrator和IBM Sterling File Gateway 安全漏洞

IBM Sterling B2B Integrator and IBM Sterling File Gateway are both products of International Business Machines IBM.IBM Sterling B2B Integrator is a suite of software that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B...

5.3CVSS6.4AI score0.00205EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/21 12:41 p.m.7 views

Security Bulletin: Document Service Container of IBM Sterling B2B Integrator and IBM Sterling File Gateway is Vulnerable to Information Disclosure (CVE-2025-22227)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the information disclosure vulnerability. Please upgrade or patch your installation of these products accordingly. Vulnerability Details CVEID:CVE-2025-22227 DESCRIPTION: In some specific scenarios with chained...

6.1CVSS6.3AI score0.0034EPSS
Exploits0Affected Software1
Rows per page
Query Builder