93 matches found
EUVD-2019-6587
Malware in sbrugna...
EUVD-2021-7095
Malicious code in bioql PyPI...
EUVD-2022-4638
Malicious code in bioql PyPI...
EUVD-2021-7093
Malicious code in bioql PyPI...
EUVD-2022-4346
Malicious code in bioql PyPI...
EUVD-2022-3636
Malicious code in bioql PyPI...
CVE-2021-1626
MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021...
CVE-2021-1628
MuleSoft is aware of a XML External Entity XXE vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021...
CVE-2020-10991
Mulesoft APIkit through 1.3.0 allows XXE because of validation/RestXmlSchemaValidator.java...
CVE-2020-6937
A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion...
CVE-2019-13116
The MuleSoft Mule Community Edition runtime engine before 3.8 allows remote attackers to execute arbitrary code because of Java Deserialization, related to Apache Commons Collections...
CVE-2019-15631
Remote Code Execution vulnerability in MuleSoft Mule CE/EE 3.x and API Gateway 2.x released before October 31, 2019 allows remote attackers to execute arbitrary code...
Choosing the Right Deployment Option for Your API Security Solution
You need an API security solution. That much is a given although some may argue it isn’t!. While essential for business growth and innovation, APIs, or Application Programming Interfaces, expose the organizations that use them to cyber threats. Attackers are both aware of and actively exploiting...
Elevating Enterprise API Security with Wallarm for MuleSoft Anypoint Platform
In an age characterized by digital transformation, APIs serve as the backbone of modern applications, enabling diverse systems to communicate and share data seamlessly. This widespread API adoption, however, exposes organizations to a considerable attack surface, inviting the attention of cyber...
Security Bulletin: Multiple vulnerabilities in Apache Commons Collections affect IBM InfoSphere Information Server
Summary Multiple vulnerabilities in Apache Commons Collections used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2015-4852 DESCRIPTION: The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers t...
GHSA-JFFQ-528J-MP6C Withdrawn Advisory: Improper Restriction of XML External Entity Reference in Mulesoft APIkit
Withdrawn Advisory This advisory has been withdrawn because it does not affected a package in a supported ecosystem. This link has been maintained to preserve external references. Original Description Mulesoft APIkit through 1.3.0 allows XXE because of validation/RestXmlSchemaValidator.java...
Withdrawn Advisory: Improper Restriction of XML External Entity Reference in Mulesoft APIkit
Withdrawn Advisory This advisory has been withdrawn because it does not affected a package in a supported ecosystem. This link has been maintained to preserve external references. Original Description Mulesoft APIkit through 1.3.0 allows XXE because of validation/RestXmlSchemaValidator.java...
GHSA-CVCF-W75C-GW5R Mulesoft Mule Unsafe Deserialization
The MuleSoft Mule runtime engine before 3.8.0 allows remote attackers to execute arbitrary code because of Java Deserialization, related to Apache Commons Collections...
Mulesoft Mule Unsafe Deserialization
The MuleSoft Mule runtime engine before 3.8.0 allows remote attackers to execute arbitrary code because of Java Deserialization, related to Apache Commons Collections...
GHSA-MWH9-GR45-XVV4 Mule modules contain Directory Traversal
Directory Traversal in APIkit, http-connector, and OAuth2 Provider modules in Mulesoft 3.x, 4.x and Mulesoft API Gateway all versions released before August 1, 2019 allow remote attackers to read files accessible to the Mule process...