35 matches found
Security Bulletin: IBM B2B Advanced Communications is affected by vulnerability in XStream
Summary IBM B2B Advanced Communications has addressed a vulnerability in XStream library shipped with product CVE-2024-47072. Vulnerability Details CVEID:CVE-2024-47072 DESCRIPTION: XStream is a simple library to serialize objects to XML and back again. This vulnerability may allow a remote...
EUVD-2023-28958
Malicious code in bioql PyPI...
EUVD-2023-26732
Malicious code in bioql PyPI...
CVE-2023-22595
IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...
CVE-2023-24971
IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976...
Security Bulletin: IBM B2B Advanced Communications is vulnerable to issues due to Java SDK (CVE-2022-40609)
Summary IBM B2B Advanced Communications has addressed vulnerabilities in Java SDK shipped with product. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an...
Security Bulletin: IBM B2B Advanced Communications is vulnerable to multiple issues due to Java SDK (CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597)
Summary IBM B2B Advanced Communications has addressed vulnerabilities in Java SDK shipped with product. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an...
Security Bulletin: IBM B2B Advanced Communications is vulnerable to issues due to Data Mapper for Jackson
Summary IBM B2B Advanced Communications has addressed vulnerabilities in Data Mapper for Jackson shipped with product. Vulnerability Details CVEID:CVE-2019-10172 DESCRIPTION: Jackson-mapper-asl could allow a remote attacker to obtain sensitive information, caused by an XML external entity XXE err...
Security Bulletin: IBM B2B Advanced Communications is vulnerable to issues in Eclipse Paho Client Mqttv3
Summary IBM B2B Advanced Communications has addressed vulnerabilities in Eclipse Paho Client Mqttv3. Vulnerability Details CVEID:CVE-2019-11777 DESCRIPTION: Eclipse Paho Java client could allow a remote attacker to bypass security restrictions, caused by the failure to check the result when...
CVE-2023-24971 IBM B2B Advanced Communication denial of service
IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976...
CVE-2023-22595 IBM B2B Advanced Communication cross-site scripting
IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...
Security Bulletin: IBM B2B Advanced Communications is vulnerable to denial of service (CVE-2023-24971)
Summary IBM B2B Advanced Communications has addressed a denial of service vulnerability. Vulnerability Details CVEID:CVE-2023-24971 DESCRIPTION: IBM B2B Advanced Communications could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. CVSS Base...
Security Bulletin: IBM B2B Advanced Communication is vulnerable to cross-site scripting (CVE-2023-22595)
Summary IBM B2B Advanced Communications has addressed a cross-site scripting vulnerability. Vulnerability Details CVEID:CVE-2023-22595 DESCRIPTION: IBM B2B Advanced Communication is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web U...
Security Bulletin: IBM B2B Advanced Communications is vulnerable to identity spoofing due to IBM WebSphere Application Server Liberty (CVE-2022-22475)
Summary IBM B2B Advanced Communications has addressed vulnerabilities in IBM WebSphere Application Server Liberty shipped with product. Vulnerability Details CVEID:CVE-2022-22475 DESCRIPTION: IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 are vulnerable to...
Security Bulletin: IBM B2B Advanced Communications is vulnerable security bypass due to Google Core Libraries for Java [Guava] (CVE-2020-8908)
Summary IBM B2B Advanced Communications has addressed vulnerabilities in Google Core Libraries for Java Guava shipped with product. Vulnerability Details CVEID:CVE-2020-8908 DESCRIPTION: Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory...
Security Bulletin: IBM B2B Advanced Communications is vulnerable to denial of service due to FasterXML jackson-databind (CVE-2018-1000873)
Summary IBM B2B Advanced Communications has addressed vulnerabilities in FasterXML jackson-databind shipped with product. Vulnerability Details CVEID:CVE-2018-1000873 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by improper input validation by the nanosecon...
Security Bulletin: IBM B2B Advanced Communications is vulnerable to directory traversal due to Apache Commons IO (CVE-2021-29425)
Summary IBM B2B Advanced Communications has addressed vulnerabilities in Apache Commons IO shipped with product. Vulnerability Details CVEID:CVE-2021-29425 DESCRIPTION: Apache Commons IO could allow a remote attacker to traverse directories on the system, caused by improper input validation by th...
Security Bulletin: IBM B2B Advanced Communications is vulnerable to multiple issues due to Apache HttpClient
Summary IBM B2B Advanced Communications has addressed vulnerabilities in Apache HttpClient shipped with product. Vulnerability Details CVEID:CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed...
Security Bulletin: IBM B2B Advanced Communications is vulnerable to denial of service due to SnakeYAML (CVE-2017-18640)
Summary IBM B2B Advanced Communications has addressed vulnerabilities in SnakeYAML shipped with product. Vulnerability Details CVEID:CVE-2017-18640 DESCRIPTION: SnakeYAML is vulnerable to a denial of service, caused by an entity expansion in Alias feature during a load operation. By sending a...
Security Bulletin: IBM B2B Advanced Communications is vulnerable to multiple issues due to Apache Commons Compress
Summary IBM B2B Advanced Communications has addressed vulnerabilities in Apache Commons Compress shipped with product. Vulnerability Details CVEID:CVE-2021-35516 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memor...