17 matches found
EUVD-2015-4990
Malware in sbrugna...
EUVD-2016-0376
Malware in sbrugna...
EUVD-2023-26732
Malicious code in bioql PyPI...
CVE-2023-24971
IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976...
Security Bulletin: IBM B2B Advanced Communications is vulnerable to denial of service (CVE-2023-24971)
Summary IBM B2B Advanced Communications has addressed a denial of service vulnerability. Vulnerability Details CVEID:CVE-2023-24971 DESCRIPTION: IBM B2B Advanced Communications could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. CVSS Base...
Security Bulletin: IBM B2B Advanced Communication is vulnerable to cross-site scripting (CVE-2023-22595)
Summary IBM B2B Advanced Communications has addressed a cross-site scripting vulnerability. Vulnerability Details CVEID:CVE-2023-22595 DESCRIPTION: IBM B2B Advanced Communication is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web U...
Security Bulletin: IBM B2B Advanced Communications is vulnerable to multiple issues due to Apache Commons BeanUtils (CVE-2014-0114, CVE-2019-10086)
Summary IBM B2B Advanced Communications has addressed vulnerabilities in Apache Common BeanUtils shipped with product. Vulnerability Details CVEID:CVE-2014-0114 DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the...
Security Bulletin: IBM B2B Advanced Communications is vulnerable to remote code execution due to Apache Log4j (CVE-2021-4104)
Summary IBM B2B Advanced Communications has addressed vulnerabilities in Apache Log4j shipped with product. Vulnerability Details CVEID:CVE-2021-4104 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data wh...
Security Bulletin: Vulnerability in Apache Commons affects IBM B2B Advanced Communications (CVE-2016-3092)
Summary IBM B2B Advanced Communications is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. Vulnerability Details CVEID: CVE-2016-3092 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM B2B Advanced Communications.
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 Service Refresh 9 Fix Pack 40 that is used by IBM B2B Advanced Communications. These issues were disclosed as part of the IBM Java SDK updates in July 2016. Vulnerability Details CVEID: CVE-2016-3485...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM B2B Advanced Communications (CVE-2016-3427 and CVE-2016-3426)
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7.0 that is used by IBM B2B Advanced Communications. These issues were disclosed as part of the IBM Java SDK updates for April 2016. Vulnerability Details CVEID: CVE-2016-3427 DESCRIPTION: An...
Security Bulletin: Information disclosure vulnerability in IBM B2B Advanced Communications (CVE-2016-0341).
Summary IBM B2B Advanced Communications can disclose sensitive information such as usernames, passwords, machine name, sensitive file locations, or any combination of that information. This information could be used to aid in further attacks against the system. Vulnerability Details CVEID:...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM B2B Advanced Communications.
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7.0 SR7 that is used by IBM Multi-Enterprise Integration Gateway. These issues were disclosed as part of the IBM Java SDK updates for October 2015 and January 2016. Vulnerability Details CVEID...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM B2B Advanced Communications (CVE-2015-0138, CVE-2014-6593, CVE-2015-0410)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 SR8 that is used by IBM B2B Advanced Communications. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK: Factoring Attack on RSA-EXPORT...
Security Bulletin: Multiple vulnerabilities in IBM Multi-Enterprise Integration Gateway (CVE-2014-0460, CVE-2014-0878, CVE-2014-0453)
Summary IBM Multi-Enterprise Integration Gateway is shipped with IBM® SDK, Java™ Technology Edition the “IBM SDK”, that is based on an Oracle Java Development Kit JDK. Oracle has released the April 2014 critical patch updates CPU that contain security vulnerability fixes for the JDK. The IBM SDK...
CVE-2015-7445
IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.x before 1.0.0.4, when guest access is configured, allow remote authenticated users to obtain sensitive information by reading error messages in responses...
Cross site scripting
Cross-site scripting XSS vulnerability in IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.32 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...