Lucene search
K

448 matches found

NVD
NVD
added 6 days ago10 views

CVE-2026-9074

IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains an unauthenticated SQL injection vulnerability in the password reset functionality...

9.8CVSS0.00507EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-9074 IBM API Connect SQL Injection

IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains an unauthenticated SQL injection vulnerability in the password reset functionality...

9.1CVSS0.00507EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42307

IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains an unauthenticated SQL injection vulnerability in the password reset functionality...

9.1CVSS6AI score0.00507EPSS
Exploits0References2
CVE
CVE
added 6 days ago13 views

CVE-2026-9074

IBM API Connect is affected by an unauthenticated SQL injection in the password reset flow for versions 10.0.8.0–10.0.8.9 and 12.1.0.0–12.1.0.3. The issue is a server-side SQL injection vulnerability that can be exploited without authentication, with network access required and no user interactio...

9.8CVSS6AI score0.00507EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 6 days ago33 views

CVE-2026-3144 IBM API Connect Default Credentials

IBM API Connect 12.1.0.0 through 12.1.0.3 uses default credentials which could allow an attacker to gain unauthorized access to the application before the system enforces a credential update...

8.1CVSS0.00412EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 6 days ago6 views

PT-2026-56477

Name of the Vulnerable Software and Affected Versions IBM API Connect versions 12.1.0.0 through 12.1.0.3 Description The application uses default credentials, which may allow an attacker to gain unauthorized access before the system requires a credential update. Recommendations Update IBM API...

9.8CVSS6.1AI score0.00412EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added last week4 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version v10.0.8.10 Vulnerability Details CVEID:CVE-2026-33244 DESCRIPTION: React Router is a router for React. In versions 7.5.1 through 7.13.1, when using Framework Mode with pre-rendering enabled, improper neutralization of the...

8.1CVSS7.1AI score0.00808EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/11 11:57 p.m.22 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version v12.1.0.3 Vulnerability Details CVEID:CVE-2025-11187 DESCRIPTION: Issue summary: PBMAC1 parameters in PKCS12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer...

9.8CVSS8.1AI score0.47621EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/02 4:48 p.m.16 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.7 Vulnerability Details CVEID:CVE-2025-12818 DESCRIPTION: Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an...

7.6CVSS7AI score0.03092EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/06 5:13 p.m.20 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version v12.1.0.1 Vulnerability Details CVEID:CVE-2023-39804 DESCRIPTION: In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. CVSS Source: IBM X-Force CVSS Base...

8.6CVSS6.8AI score0.01082EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/30 5:20 p.m.33 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.6 Vulnerability Details CVEID:CVE-2021-3999 DESCRIPTION: A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A loc...

9.8CVSS6.8AI score0.08673EPSS
Exploits7Affected Software1
The Hacker News
The Hacker News
added 2025/12/31 1:37 p.m.8 views

Critical CVSS 9.8 Flaw Found in IBM API Connect Authentication System

IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application. The vulnerability, tracked as CVE-2025-13915 , is rated 9.8 out of a maximum of 10.0 on the CVSS scoring system. It has been described as an authentication...

9.8CVSS6.7AI score0.08673EPSS
Exploits0
NVD
NVD
added 2025/12/26 2:15 p.m.6 views

CVE-2025-13915

IBM API Connect 10.0.8.0 through 10.0.8.5, and 10.0.11.0 could allow a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application...

9.8CVSS0.08673EPSS
Exploits0References1
CVE
CVE
added 2025/12/26 1:16 p.m.26 views

CVE-2025-13915

IBM API Connect is affected by CVE-2025-13915, a remote authentication bypass in versions 10.0.8.0–10.0.8.5 and 10.0.11.0. The issue allows an unauthenticated attacker to bypass authentication and gain unauthorized access to the application. IBM’s security bulletin recommends upgrading to version...

9.8CVSS6.6AI score0.08673EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/25 2:4 p.m.11 views

Security Bulletin: Authentication bypass in IBM API Connect

Summary Internal testing has revealed a potential authentication bypass in IBM API Connect Vulnerability Details CVEID:CVE-2025-13915 DESCRIPTION: IBM API Connect could allow a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application. CWE:CWE-305:...

9.8CVSS7AI score0.08673EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/12 7:8 p.m.16 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.5 Vulnerability Details CVEID:CVE-2020-36732 DESCRIPTION: The crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an integer, which makes the output more...

8.1CVSS7.5AI score0.03733EPSS
Exploits4Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-10567

Malware in sbrugna...

6.1CVSS6.3AI score0.00902EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-12511

Malware in sbrugna...

4.9CVSS5.1AI score0.0323EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-13810

Malware in sbrugna...

9.8CVSS8.9AI score0.01725EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-25498

Malware in sbrugna...

5.4CVSS5.5AI score0.00561EPSS
Exploits0References3
Rows per page
Query Builder