Lucene search
K

35 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/01/13 1:5 p.m.6 views

Security Bulletin: IBM B2B Advanced Communications is affected by vulnerability in XStream

Summary IBM B2B Advanced Communications has addressed a vulnerability in XStream library shipped with product CVE-2024-47072. Vulnerability Details CVEID:CVE-2024-47072 DESCRIPTION: XStream is a simple library to serialize objects to XML and back again. This vulnerability may allow a remote...

7.5CVSS7.3AI score0.02015EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-28958

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00704EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-26732

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.003EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:51 a.m.5 views

CVE-2023-22595

IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

5.4CVSS6.1AI score0.003EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:55 a.m.9 views

CVE-2023-24971

IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976...

7.5CVSS6.4AI score0.00704EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/05 6:4 a.m.7 views

Security Bulletin: IBM B2B Advanced Communications is vulnerable to issues due to Java SDK (CVE-2022-40609)

Summary IBM B2B Advanced Communications has addressed vulnerabilities in Java SDK shipped with product. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an...

9.8CVSS7.8AI score0.01827EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/05 5:18 a.m.16 views

Security Bulletin: IBM B2B Advanced Communications is vulnerable to multiple issues due to Java SDK (CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597)

Summary IBM B2B Advanced Communications has addressed vulnerabilities in Java SDK shipped with product. Vulnerability Details CVEID:CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an...

9.1CVSS8.4AI score0.02474EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/22 5:29 p.m.27 views

Security Bulletin: IBM B2B Advanced Communications is vulnerable to issues due to Data Mapper for Jackson

Summary IBM B2B Advanced Communications has addressed vulnerabilities in Data Mapper for Jackson shipped with product. Vulnerability Details CVEID:CVE-2019-10172 DESCRIPTION: Jackson-mapper-asl could allow a remote attacker to obtain sensitive information, caused by an XML external entity XXE err...

7.5CVSS6.7AI score0.17044EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/21 3:19 p.m.22 views

Security Bulletin: IBM B2B Advanced Communications is vulnerable to issues in Eclipse Paho Client Mqttv3

Summary IBM B2B Advanced Communications has addressed vulnerabilities in Eclipse Paho Client Mqttv3. Vulnerability Details CVEID:CVE-2019-11777 DESCRIPTION: Eclipse Paho Java client could allow a remote attacker to bypass security restrictions, caused by the failure to check the result when...

7.5CVSS6.7AI score0.00827EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2023/07/31 1:16 a.m.38 views

CVE-2023-24971 IBM B2B Advanced Communication denial of service

IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976...

7.5CVSS7.3AI score0.00704EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/07/31 1:13 a.m.12 views

CVE-2023-22595 IBM B2B Advanced Communication cross-site scripting

IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

5.4CVSS6AI score0.003EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/27 8:20 a.m.25 views

Security Bulletin: IBM B2B Advanced Communications is vulnerable to denial of service (CVE-2023-24971)

Summary IBM B2B Advanced Communications has addressed a denial of service vulnerability. Vulnerability Details CVEID:CVE-2023-24971 DESCRIPTION: IBM B2B Advanced Communications could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. CVSS Base...

7.5CVSS6.5AI score0.00704EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/27 8:14 a.m.28 views

Security Bulletin: IBM B2B Advanced Communication is vulnerable to cross-site scripting (CVE-2023-22595)

Summary IBM B2B Advanced Communications has addressed a cross-site scripting vulnerability. Vulnerability Details CVEID:CVE-2023-22595 DESCRIPTION: IBM B2B Advanced Communication is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web U...

5.4CVSS5.2AI score0.003EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/20 9:24 a.m.34 views

Security Bulletin: IBM B2B Advanced Communications is vulnerable to identity spoofing due to IBM WebSphere Application Server Liberty (CVE-2022-22475)

Summary IBM B2B Advanced Communications has addressed vulnerabilities in IBM WebSphere Application Server Liberty shipped with product. Vulnerability Details CVEID:CVE-2022-22475 DESCRIPTION: IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 are vulnerable to...

6.5CVSS6AI score0.00602EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/20 7:27 a.m.58 views

Security Bulletin: IBM B2B Advanced Communications is vulnerable security bypass due to Google Core Libraries for Java [Guava] (CVE-2020-8908)

Summary IBM B2B Advanced Communications has addressed vulnerabilities in Google Core Libraries for Java Guava shipped with product. Vulnerability Details CVEID:CVE-2020-8908 DESCRIPTION: Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory...

3.3CVSS6AI score0.00964EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/20 7:23 a.m.47 views

Security Bulletin: IBM B2B Advanced Communications is vulnerable to denial of service due to FasterXML jackson-databind (CVE-2018-1000873)

Summary IBM B2B Advanced Communications has addressed vulnerabilities in FasterXML jackson-databind shipped with product. Vulnerability Details CVEID:CVE-2018-1000873 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by improper input validation by the nanosecon...

6.5CVSS7.9AI score0.04758EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/20 7:19 a.m.24 views

Security Bulletin: IBM B2B Advanced Communications is vulnerable to directory traversal due to Apache Commons IO (CVE-2021-29425)

Summary IBM B2B Advanced Communications has addressed vulnerabilities in Apache Commons IO shipped with product. Vulnerability Details CVEID:CVE-2021-29425 DESCRIPTION: Apache Commons IO could allow a remote attacker to traverse directories on the system, caused by improper input validation by th...

5.8CVSS6.8AI score0.10608EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/20 7:1 a.m.38 views

Security Bulletin: IBM B2B Advanced Communications is vulnerable to multiple issues due to Apache HttpClient

Summary IBM B2B Advanced Communications has addressed vulnerabilities in Apache HttpClient shipped with product. Vulnerability Details CVEID:CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed...

5.8CVSS6.7AI score0.19312EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/20 6:33 a.m.39 views

Security Bulletin: IBM B2B Advanced Communications is vulnerable to denial of service due to SnakeYAML (CVE-2017-18640)

Summary IBM B2B Advanced Communications has addressed vulnerabilities in SnakeYAML shipped with product. Vulnerability Details CVEID:CVE-2017-18640 DESCRIPTION: SnakeYAML is vulnerable to a denial of service, caused by an entity expansion in Alias feature during a load operation. By sending a...

7.5CVSS7.6AI score0.26723EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/20 6:25 a.m.41 views

Security Bulletin: IBM B2B Advanced Communications is vulnerable to multiple issues due to Apache Commons Compress

Summary IBM B2B Advanced Communications has addressed vulnerabilities in Apache Commons Compress shipped with product. Vulnerability Details CVEID:CVE-2021-35516 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memor...

7.5CVSS7.7AI score0.12945EPSS
Exploits0Affected Software1
Rows per page
Query Builder