Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to SQL Injection vulnerability in Dashboard UI (CVE-2025-36368)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed SQL Injection vulnerability Vulnerability Details CVEID:CVE-2025-36368 DESCRIPTION: IBM Sterling B2B Integrator and IBM Sterling File Gateway are vulnerable to SQL injection. An administrative user could send special...

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to an access control security vulnerability in Ops server (CVE-2025-14031)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed access control security vulnerability Vulnerability Details CVEID:CVE-2025-14031 DESCRIPTION: IBM Sterling B2B Integrator and IBM Sterling File Gateway could allow an unauthenticated attacker to send a specially...

CVE-2025-36368

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, and 6.2.1.0 through 6.2.1.11 are vulnerable to SQL injection. An administrative user could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or...

CVE-2023-40693

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, and 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended...

CVE-2025-14504

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11, and 6.2.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering...

CVE-2025-14504

CVE-2025-14504 affects IBM Sterling B2B Integrator and IBM Sterling File Gateway across multiple release lines: 6.1.0.0–6.1.2.7_2, 6.2.0.0–6.2.0.5_1, 6.2.1.0–6.2.1.1_1, and 6.2.2.0. The issue is a cross-site scripting (XSS) vulnerability that allows an authenticated user to inject arbitrary JavaS...

IBM Sterling B2B Integrator和IBM Sterling File Gateway 跨站脚本漏洞

IBM Sterling B2B Integrator and IBM Sterling File Gateway are both products of International Business Machines IBM. IBM Sterling B2B Integrator is a software suite that integrates critical B2B processes, transactions, and relationships. This software supports secure integration of complex B2B...

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to Cryptographic Weakness in IBM Liberty Server ( CVE-2020-36732)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the cryptographic weakness vulnerability Vulnerability Details CVEID:CVE-2020-36732 DESCRIPTION: The crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an intege...

CVE-2023-50307

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...

CVE-2025-1348

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local user to obtain sensitive information from a user’s web browser cache due to not using a suitable caching policy...

CVE-2025-1349

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...

Security Bulletin: Multiple Security Vulnerabilities in IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-48795 CVE-2025-48913)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerabilities Vulnerability Details CVEID:CVE-2025-48795 DESCRIPTION: Apache CXF stores large stream based messages as temporary files on the local filesystem. A bug was introduced which means that the...

EUVD-2025-198981

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could reveal sensitive server IP configuration information to an unauthorized user...

Security Bulletin: Document Service Container of IBM Sterling B2B Integrator and IBM Sterling File Gateway is Vulnerable to Information Disclosure (CVE-2025-22227)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the information disclosure vulnerability. Please upgrade or patch your installation of these products accordingly. Vulnerability Details CVEID:CVE-2025-22227 DESCRIPTION: In some specific scenarios with chained...

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable to Denial of Service (CVE-2025-48976)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the denial of service vulnerability Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons...

EUVD-2015-5009

Malware in sbrugna...

EUVD-2015-0232

Malware in sbrugna...

EUVD-2020-25952

Malware in sbrugna...

EUVD-2021-16238

Malware in sbrugna...

EUVD-2013-0550

Malware in sbrugna...