Lucene search
K

312 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/17 8:13 p.m.3 views

CVE-2025-14289

IBM webMethods Integration Server 12.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

5.4CVSS5.5AI score0.00162EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/02/17 8:13 p.m.23 views

CVE-2025-14289 IBM webMethods Integration Server is vulnerable to HTML injection

IBM webMethods Integration Server 12.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

5.4CVSS0.00162EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/17 12:0 a.m.11 views

IBM webMethods Integration Server 安全漏洞

IBM webMethods Integration Server is an application connector from International Business Machines IBM. An HTML injection vulnerability exists in IBM webMethods Integration Server version 12.0. An attacker could exploit this vulnerability to execute arbitrary Web script or HTML...

5.4CVSS6AI score0.00162EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.4 views

PT-2026-20229

Name of the Vulnerable Software and Affected Versions IBM webMethods Integration Server version 12.0 Description The software is susceptible to HTML injection. A remote attacker could inject malicious HTML code that would be executed in the victim's web browser within the security context of the...

5.4CVSS5.7AI score0.00162EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/16 1:22 p.m.6 views

Security Bulletin: IBM webMethods Integration Server is vulnerable to HTML injection

Summary IBM webMethods Integration Sever is vulnerable to HTML injection in Security Claims UI. CVE-2025-14289. Vulnerability Details CVEID:CVE-2025-14289 DESCRIPTION: IBM webMethods Integration is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed...

5.4CVSS5.6AI score0.00162EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/11 7:13 a.m.15 views

Security Bulletin: Multiple vulnerabilities in IBM webMethods Integration Server

Summary Multiple vulnerabilities were addressed in IBM webMethods Integration Server fixes. Vulnerability Details CVEID:CVE-2025-49128 DESCRIPTION: Jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. Starting in version...

9.8CVSS7.7AI score0.06257EPSS
Exploits7Affected Software1
NVD
NVD
added 2026/02/05 2:16 p.m.5 views

CVE-2025-14150

IBM webMethods Integration on prem - Integration Server 10.15 through IS10.15CoreFix2411.1 to IS11.1CoreFix8 IBM webMethods Integration could disclose sensitive user information in server responses...

6.5CVSS0.00323EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/05 2:1 p.m.30 views

CVE-2025-14150 IBM webMethods Integration Sever is affected by

IBM webMethods Integration on prem - Integration Server 10.15 through IS10.15CoreFix2411.1 to IS11.1CoreFix8 IBM webMethods Integration could disclose sensitive user information in server responses...

6.5CVSS0.00323EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/05 2:1 p.m.6 views

CVE-2025-14150 IBM webMethods Integration Sever is affected by

IBM webMethods Integration on prem - Integration Server 10.15 through IS10.15CoreFix2411.1 to IS11.1CoreFix8 IBM webMethods Integration could disclose sensitive user information in server responses...

6.5CVSS5.3AI score0.00323EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/05 12:42 p.m.17 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationRuntime and IntegrationServer operands are vulnerable to loss of confidentiality (CVE-2026-22817, CVE-2026-22818)

Summary IBM App Connect Enterprise Certified Container IntegrationRuntime and IntegrationServer operands are vulnerable to loss of confidentiality due to Node.js module hono. This bulletin provides patch information to address the reported vulnerability in Node.js module hono CVE-2026-22817,...

8.2CVSS5.1AI score0.00141EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.5 views

PT-2026-6557

Name of the Vulnerable Software and Affected Versions IBM webMethods Integration Server versions 10.15 through IS 10.15 Core Fix2411.1 to IS 11.1 Core Fix8 Description IBM webMethods Integration Server may reveal sensitive user information within its server responses. Recommendations Update to a...

6.5CVSS5.4AI score0.00323EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/03 12:8 p.m.8 views

Security Bulletin: IBM webMethods Integration Sever is affected by CVE-2025-14150

Summary IBM webMethods Integration server could disclose sensitive user information in server responses. CVE-2025-14150 Vulnerability Details CVEID:CVE-2025-14150 DESCRIPTION: IBM webMethods Integration could disclose sensitive user information in server responses. CWE:CWE-497: Exposure of...

6.5CVSS5.4AI score0.00323EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/06 12:6 p.m.9 views

Security Bulletin: Multiple vulnerabilities found in IBM EntireX through the use of webMethods Integration Server.

Summary As IBM EntireX Adapter runs in the webMethods Integration Server and the webMethods Integration Server has been updated in order to address the vulnerabilities, the fix for webMethods Integration Server will need to be applied by IBM EntireX customers. Vulnerability Details...

8.5CVSS9.2AI score0.97906EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/22 9:15 p.m.35 views

Security Bulletin: IBM webMethods Integration Sever is affected by server-side request forgery (SSRF)

Summary IBM webMethods Integration Sever is affected by server-side request forgery SSRF. CVE-2025-36037 Vulnerability Details CVEID:CVE-2025-36037 DESCRIPTION: IBM webMethods Integration is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send...

5.4CVSS6.7AI score0.00178EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/21 10:58 a.m.11 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands are vulnerable to denial of service [CVE-2025-8885], [CVE-2025-8916]

Summary Bouncycastle bcprov is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands are vulnerable to denial of service. This bulletin provides patch information to address the reported...

6.3CVSS6.3AI score0.00505EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-51771

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00126EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-43201

Malicious code in bioql PyPI...

8.8CVSS6.7AI score0.01252EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-34604

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01324EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-34801

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01297EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-43205

Malicious code in bioql PyPI...

6.5CVSS5.3AI score0.0111EPSS
Exploits0References1
Rows per page
Query Builder