34 matches found
EUVD-2022-24610
Malicious code in bioql PyPI...
EUVD-2022-42816
Malicious code in bioql PyPI...
EUVD-2024-41753
Malicious code in bioql PyPI...
CVE-2024-45089
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition EBICS server could allow an authenticated user to obtain sensitive filename information due to an observable discrepancy...
CVE-2022-1279
A vulnerability in the encryption implementation of EBICS messages in the open source library ebics-java/ebics-java-client allows an attacker sniffing network traffic to decrypt EBICS payloads. This issue affects: ebics-java/ebics-java-client versions prior to 1.2...
CVE-2022-3442
A vulnerability was found in Crealogix EBICS 7.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /ebics-server/ebics.aspx. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the...
Security Bulletin: EBICS Client of IBM Sterling B2B Integrator is vulnerable to SQL Injection (CVE-2022-22338)
Summary: IBM Sterling B2B Integrator has addressed the SQL injection vulnerability in EBICS client. Vulnerability Details: CVEID: CVE-2022-22338. DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements,...
@boxyhq/saml-jackson (>=1.11.2 <=1.40.2), @boxyhq/saml20 (>=1.2.4 <=1.8.0) +8 more potentially affected by CVE-2025-29775 via xml-crypto (>=4.1.0 <=6.0.0)
xml-crypto NPM version =4.1.0, =1.11.2, =1.2.4, =1.0.0, =4.0.0, =1.0.0, =0.0.1, =0.0.2 - saml-nofs =3.0.2 - verifactu-utils =1.1.0 Source cves: CVE-2025-29775 Source advisory: OSV:GHSA-X3M8-899R-F7C3...
IBM Sterling B2B Integrator Information Disclosure Vulnerability (CNVD-2025-04972)
IBM Sterling B2B Integrator is a suite of software from International Business Machines IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. An information disclosure...
CVE-2024-45089
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition EBICS server could allow an authenticated user to obtain sensitive filename information due to an observable discrepancy...
CVE-2024-45089 IBM Sterling B2B Integrator information disclosure
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition EBICS server could allow an authenticated user to obtain sensitive filename information due to an observable discrepancy...
CVE-2024-45089 IBM Sterling B2B Integrator information disclosure
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition EBICS server could allow an authenticated user to obtain sensitive filename information due to an observable discrepancy...
PT-2025-2683 · IBM · IBM Sterling B2B Integrator
Name of the Vulnerable Software and Affected Versions: IBM Sterling B2B Integrator versions 6.0.0.0 through 6.1.2.5; IBM Sterling B2B Integrator versions 6.2.0.0 through 6.2.0.3. Description: The issue allows an authenticated user to obtain sensitive filename information due to an observable...
@boxyhq/saml-jackson (>=1.11.2 <=1.17.1), @boxyhq/saml20 (>=1.2.4 <=1.4.1) +7 more potentially affected by CVE-2024-32962 via xml-crypto (>=4.1.0 <=5.1.1)
xml-crypto NPM version =4.1.0, =1.11.2, =1.2.4, =4.0.0, =1.0.0, =0.0.1, =0.0.2 - saml-nofs =3.0.2 - verifactu-utils =1.1.0 Source cves: CVE-2024-32962 Source advisory: OSV:GHSA-2XP3-57P7-QF4V...
Security Bulletin: IBM Sterling B2B Integrator EBICs client affected by multiple issues due to Jettison
Summary: IBM Sterling B2B Integrator uses Jettison in its EBICs client. Vulnerability Details: CVEID: CVE-2023-1436. DESCRIPTION: Jettison is vulnerable to a denial of service, caused by an infinite recursion when constructing a JSONArray from a Collection that contains a self-reference in one of its...
CREALOGIX EBICS Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability exists in CREALOGIX EBICS version 7.0, which stems from the lack of effective filtering and escaping of user-supplied data in the /ebics-server/ebics.aspx file, which could be exploited to inject cross-site code and launch XSS attack...
CVE-2022-3442
A vulnerability was found in Crealogix EBICS 7.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /ebics-server/ebics.aspx. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the...
CVE-2022-3442
A vulnerability was found in Crealogix EBICS 7.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /ebics-server/ebics.aspx. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the...
Cross site scripting
A vulnerability was found in Crealogix EBICS 7.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /ebics-server/ebics.aspx. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the...
CVE-2022-3442 Crealogix EBICS ebics.aspx cross site scripting
A vulnerability was found in Crealogix EBICS 7.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /ebics-server/ebics.aspx. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the...