CVE-2024-39744

IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

CVE-2024-39746

IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the...

CVE-2024-39747

IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses default credentials for potentially critical functionality...

EUVD-2020-25834

Malware in sbrugna...

EUVD-2020-25994

Malware in sbrugna...

EUVD-2016-6926

Malware in sbrugna...

EUVD-2021-25328

Malware in sbrugna...

EUVD-2013-2928

Malware in sbrugna...

EUVD-2013-0540

Malware in sbrugna...

EUVD-2021-25370

Malware in sbrugna...

EUVD-2016-6925

Malware in sbrugna...

EUVD-2018-12482

Malware in sbrugna...

EUVD-2013-3966

Malware in sbrugna...

EUVD-2016-0415

Malware in sbrugna...

EUVD-2024-54433

Malicious code in bioql PyPI...

EUVD-2024-38223

Malicious code in bioql PyPI...

EUVD-2024-38225

Malicious code in bioql PyPI...

Security Bulletin: IBM Sterling Connect:Direct Web Services uses glib2 which is affected by CVE-2024-52533 and CVE-2025-4373

Summary IBM Sterling Connect:Direct Web Services is vulnerable to an integer overflow in the gstringinsertunichar function. This has been addressed in new build available from IBM Repository. Vulnerability Details CVEID:CVE-2024-52533 DESCRIPTION: gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 h...

Security Bulletin: IBM Sterling Connect:Direct Web Services uses commons-lang3 and is vulnerable to CVE-2025-48924

Summary IBM Sterling Connect:Direct Web Services is vulnerable to uncontrolled recursion vulnerability in Apache Commons Lang. This has been addressed in new build available from IBM Repository. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache...

Security Bulletin: IBM Sterling Connect:Direct FTP+ is vulnerable to various attacks due to IBM Runtime Environment Java Technology Edition Version 17

Summary IBM Java 17 is used by IBM Sterling Connect:Direct FTP+ on AIX, Linux, and Windows platforms in product configuration and data transmission. IBM Sterling Connect:Direct FTP+ on AIX, Linux, and Windows platforms is impacted by vulnerabilities in IBM Java 17. IBM Sterling Connect:Direct FTP...