312 matches found
EUVD-2023-41976
Malicious code in bioql PyPI...
EUVD-2022-34606
Malicious code in bioql PyPI...
EUVD-2023-43202
Malicious code in bioql PyPI...
EUVD-2023-43204
Malicious code in bioql PyPI...
EUVD-2023-43203
Malicious code in bioql PyPI...
EUVD-2022-24413
Malicious code in bioql PyPI...
EUVD-2024-51771
Malicious code in bioql PyPI...
Security Bulletin: IBM webMethods Integration Sever is affected by vulnerable lucene-suggest-8.9.0.jar
Summary IBM webMethods Integration Sever is affected by vulnerable lucene-suggest-8.9.0.jar. CWE-400 Vulnerability Details IBM X-Force ID: 216835 DESCRIPTION: Apache Lucene is vulnerable to a denial of service. By sending a specific regular expression query, a remote attacker could exploit this...
CVE-2025-36049
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands...
CVE-2025-36048
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to escalate their privileges when handling external entities due to execution with unnecessary privileges...
CVE-2025-36049
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands...
CVE-2025-36049 IBM webMethods Integration Sever XML external entity injection
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands...
CVE-2025-36049 IBM webMethods Integration Sever XML external entity injection
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands...
CVE-2025-36049
IBM webMethods Integration Server (on‑prem) versions 10.5, 10.7, 10.11, and 10.15 are affected by CVE-2025-36049 due to an XML external entity (XXE) processing vulnerability in XML data handling. The underlying issue is XXE which could allow a remote authenticated attacker to execute arbitrary co...
CVE-2025-36048 IBM webMethods Integration Sever code execution
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to escalate their privileges when handling external entities due to execution with unnecessary privileges...
CVE-2025-36048 IBM webMethods Integration Sever code execution
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to escalate their privileges when handling external entities due to execution with unnecessary privileges...
CVE-2025-36048
CVE-2025-36048 affects IBM webMethods Integration Server (on‑prem) versions 10.5, 10.7, 10.11, and 10.15. The root cause is execution with unnecessary privileges when handling external entities, enabling a privileged user to escalate privileges. The IBM bulletin specifies affected builds and fixe...
Security Bulletin: IBM webMethods Integration Server is affected by vulnerable Google Guava 30.0 jar used in the GraphQL functionality
Summary Google Guava is used by IBM webMethods Integration Server as part of the GraphQL functionality. CVE-2023-2976, CVE-2020-8908. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versio...
IBM webMethods Integration 代码问题漏洞
IBM webMethods Integration is a hybrid enterprise iPaaS from International Business Machines IBM. A code issue vulnerability exists in IBM webMethods Integration Server versions 10.5, 10.7, 10.11, and 10.15 that stems from an XML external entity injection vulnerability that could lead to the...
PT-2025-26178 · Ibm · Webmethods Integration Server
Name of the Vulnerable Software and Affected Versions: IBM webMethods Integration Server versions 10.5 through 10.15 Description: The issue allows a privileged user to escalate their privileges when handling external entities due to execution with unnecessary privileges. Recommendations: For...