Lucene search
K

24 matches found

vulnrichment
vulnrichment
added 2026/03/13 6:32 p.m.6 views

CVE-2025-13723 IBM Sterling Partner Engagement Manager Information Disclosure

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive user information using an expired access token...

5.3CVSS5.8AI score0.00166EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-29752

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00261EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-29751

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00261EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.10 views

EUVD-2024-29753

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00275EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/23 9:3 a.m.4 views

CVE-2024-31894

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288175...

4.3CVSS6AI score0.00261EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 9:3 a.m.5 views

CVE-2024-31895

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288176...

6.5CVSS6AI score0.00275EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 9:3 a.m.5 views

CVE-2024-31893

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive calendar information using an expired access token. IBM X-Force ID: 288174...

4.3CVSS4.2AI score0.00261EPSS
Exploits0References1
osv
osv
added 2024/11/10 11:15 p.m.9 views

CVE-2021-35473

An issue was discovered in LemonLDAP::NG before 2.0.12. There is a missing expiration check in the OAuth2.0 handler, i.e., it does not verify access token validity. An attacker can use a expired access token from an OIDC client to access the OAuth2 handler The earliest affected version is 2.0.4...

9.1CVSS7AI score
Exploits0References2
nvd
nvd
added 2024/11/10 11:15 p.m.21 views

CVE-2021-35473

An issue was discovered in LemonLDAP::NG before 2.0.12. There is a missing expiration check in the OAuth2.0 handler, i.e., it does not verify access token validity. An attacker can use a expired access token from an OIDC client to access the OAuth2 handler The earliest affected version is 2.0.4...

9.1CVSS0.00404EPSS
Exploits0References2
ibm
ibm
added 2024/06/05 2:48 p.m.18 views

Security Bulletin: IBM App Connect Enterprise Certified Container is vulnerable to an authenticated user accessing sensitive information [CVE-2024-31893 CVE-2024-31894 CVE-2024-31895]

Summary IBM App Connect Enterprise Certified Container Designer flows that use the calendly, square or docusign connector are vulnerable to loss of confidentiality when an access token expires and is refreshed. This bulletin provides patch information to address the reported vulnerability in the...

6.5CVSS4AI score0.00275EPSS
Exploits0Affected Software1
cnvd
cnvd
added 2024/05/27 12:0 a.m.10 views

Unspecified Vulnerability in IBM App Connect Enterprise (CNVD-2024-24718)

IBM App Connect Enterprise is an operating system from International Business Machines IBM, Inc. that combines existing industry-trusted IBM Integration Bus technology with IBM App Connect Professional and new cloud-native IBM App Connect Enterprise combines existing industry-trusted IBM...

4.3CVSS6.3AI score0.00261EPSS
Exploits0References1
cnvd
cnvd
added 2024/05/23 12:0 a.m.10 views

Unspecified Vulnerability in IBM App Connect Enterprise (CNVD-2024-24720)

IBM App Connect Enterprise is an operating system from International Business Machines IBM, Inc. that combines existing industry-trusted IBM Integration Bus technology with IBM App Connect Professional and new cloud-native IBM App Connect Enterprise combines existing industry-trusted IBM...

6.5CVSS6.3AI score0.00275EPSS
Exploits0References1
osv
osv
added 2024/05/22 8:15 p.m.3 views

CVE-2024-31894

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288175...

4.3CVSS5.8AI score0.00261EPSS
Exploits0References2
nvd
nvd
added 2024/05/22 8:15 p.m.21 views

CVE-2024-31895

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288176...

6.5CVSS4.2AI score0.00275EPSS
Exploits0References2
cvelist
cvelist
added 2024/05/22 7:17 p.m.26 views

CVE-2024-31894 IBM App Connect Enterprise information disclosure

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288175...

4.3CVSS4.2AI score0.00261EPSS
Exploits0References2
cve
cve
added 2024/05/22 7:17 p.m.64 views

CVE-2024-31894

CVE-2024-31894 affects IBM App Connect Enterprise 12.0.1.0–12.0.12.1 and allows an authenticated user to obtain sensitive user information via an expired access token (information disclosure). The issue is discussed across multiple sources (IBM X-Force ID 288175; Red Hat security page; IBM bullet...

4.3CVSS4.2AI score0.00261EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2024/05/22 7:17 p.m.24 views

CVE-2024-31894 IBM App Connect Enterprise information disclosure

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288175...

4.3CVSS5.9AI score0.00261EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/05/22 7:16 p.m.18 views

CVE-2024-31895 IBM App Connect Enterprise information disclosure

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288176...

4.3CVSS5.9AI score0.00275EPSS
Exploits0References2
cve
cve
added 2024/05/22 7:16 p.m.75 views

CVE-2024-31895

CVE-2024-31895 affects IBM App Connect Enterprise versions 12.0.1.0 through 12.0.12.1 . The vulnerability allows an authenticated user to obtain sensitive user information by exploiting an expired access token, representing a confidentiality impact (CVSS base score ~4.3–6.5 depending on source). ...

6.5CVSS4.2AI score0.00275EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2024/05/22 7:16 p.m.22 views

CVE-2024-31895 IBM App Connect Enterprise information disclosure

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288176...

4.3CVSS4.2AI score0.00275EPSS
Exploits0References2
Rows per page
Query Builder