CVE-2025-36361

IBM App Connect Enterprise is affected by CVE-2025-36361: versions 13.0.1.0–13.0.4.2 and 12.0.1.0–12.0.12.17 allow an authenticated user to perform unauthorized actions on customer-defined resources due to missing authorization. Impact is described as lack of authorization affecting confidentiali...

EUVD-2016-0376

Malware in sbrugna...

EUVD-2015-4990

Malware in sbrugna...

EUVD-2016-6826

Malware in sbrugna...

EUVD-2023-28958

Malicious code in bioql PyPI...

EUVD-2023-26732

Malicious code in bioql PyPI...

CVE-2023-24971

IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976...

Trend Micro & IBM Team Up To Boost Mainframe Security

Trend Micro Deep Security adds security for mainframe enterprise integration...

Apache Camel Deserialization Vulnerability

Apache Camel is the United States Apache Apache Foundation of a set of open source based on Enterprise Integration Pattern Enterprise Integration Pattern , referred to as EIP integration framework. The framework provides Enterprise Integration Pattern Java objects POJO implementation , and throug...

CVE-2023-24971

IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976...

Cross site scripting

IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

CVE-2023-24971 IBM B2B Advanced Communication denial of service

IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976...

Security Bulletin: IBM B2B Advanced Communications is vulnerable to denial of service (CVE-2023-24971)

Summary IBM B2B Advanced Communications has addressed a denial of service vulnerability. Vulnerability Details CVEID:CVE-2023-24971 DESCRIPTION: IBM B2B Advanced Communications could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. CVSS Base...

Security Bulletin: IBM B2B Advanced Communication is vulnerable to cross-site scripting (CVE-2023-22595)

Summary IBM B2B Advanced Communications has addressed a cross-site scripting vulnerability. Vulnerability Details CVEID:CVE-2023-22595 DESCRIPTION: IBM B2B Advanced Communication is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web U...

Security Bulletin: IBM B2B Advanced Communications is vulnerable to identity spoofing due to IBM WebSphere Application Server Liberty (CVE-2022-22475)

Summary IBM B2B Advanced Communications has addressed vulnerabilities in IBM WebSphere Application Server Liberty shipped with product. Vulnerability Details CVEID:CVE-2022-22475 DESCRIPTION: IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 are vulnerable to...

Security Bulletin: IBM B2B Advanced Communications is vulnerable to multiple issues due to Apache Commons BeanUtils (CVE-2014-0114, CVE-2019-10086)

Summary IBM B2B Advanced Communications has addressed vulnerabilities in Apache Common BeanUtils shipped with product. Vulnerability Details CVEID:CVE-2014-0114 DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the...

Security Bulletin: IBM B2B Advanced Communications is vulnerable to remote code execution due to Apache Log4j (CVE-2021-4104)

Summary IBM B2B Advanced Communications has addressed vulnerabilities in Apache Log4j shipped with product. Vulnerability Details CVEID:CVE-2021-4104 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data wh...

Introducing Microservices Patterns with Spring Integration

Hey Spring Community! I hope you are enjoying Spring One Essentials these days. The most exciting feature for me is an Observability which is spread throughout the Spring portfolio from now on. Nevertheless, today Id like to share with a project Im working on since holidays, where the mentioned...

Introducing Microservices Patterns with Spring Integration

Hey Spring Community! I hope you are enjoying Spring One Essentials these days. The most exciting feature for me is an Observability which is spread throughout the Spring portfolio from now on. Nevertheless, today I’d like to share with a project I’m working on since holidays, where the mentioned...

Introducing Microservices Patterns with Spring Integration

Hey Spring Community! I hope you are enjoying Spring One Essentials these days. The most exciting feature for me is an Observability which is spread throughout the Spring portfolio from now on. Nevertheless, today I’d like to share with a project I’m working on since holidays, where the mentioned...