EUVD-2016-6826

Malware in sbrugna...

EUVD-2023-28958

Malicious code in bioql PyPI...

CVE-2023-24971

IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976...

Cross site scripting

IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

CVE-2023-24971 IBM B2B Advanced Communication denial of service

IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976...

Security Bulletin: IBM B2B Advanced Communications is vulnerable to identity spoofing due to IBM WebSphere Application Server Liberty (CVE-2022-22475)

Summary IBM B2B Advanced Communications has addressed vulnerabilities in IBM WebSphere Application Server Liberty shipped with product. Vulnerability Details CVEID:CVE-2022-22475 DESCRIPTION: IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 are vulnerable to...

Security Bulletin: IBM B2B Advanced Communications is vulnerable to cross-site scripting due to the vulnerability of 10x (CVE-2016-5892)

Summary IBM B2B Advanced Communications is vulnerable to cross-site scripting due to the vulnerability of 10x. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality, potentially leading to credentials disclosure within a trusted...

Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM Multi-Enterprise Integration Gateway (CVE-2014-4263, CVE-2014-4244)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7.0 SR7 that is used by IBM Multi-Enterprise Integration Gateway. These issues were disclosed as part of the IBM Java SDK updates in July 2014. Vulnerability Details CVEID: CVE-2014-4263 DESCRIPTION: An...

CVE-2016-5892

Cross-site scripting XSS vulnerability in IBM 10x, as used in Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications before 1.0.0.52, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-5892

The CVE-2016-5892 XSS vulnerability affects IBM 10x used in Multi-Enterprise Integration Gateway (MEIG) 1.x up to 1.0.0.1 and IBM B2B Advanced Communications up to 1.0.0.5_1/1.0.0.5_2. The root cause is cross‑site scripting in the Web UI, potentially enabling credential disclosure within a truste...

CVE-2016-0341

CVE-2016-0341 affects IBM Multi-Enterprise Integration Gateway 1.0–1.0.0.1 and B2B Advanced Communications 1.0.0.2–1.0.0.4. The root cause is missing HTTPS configuration, allowing remote attackers to obtain highly sensitive information via network sniffing. IBM security bulletins for IBM 10x, B2B...

Design/Logic Flaw

IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.x before 1.0.0.4, when guest access is configured, allow remote authenticated users to obtain sensitive information by reading error messages in responses...

CVE-2015-7445

IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.x before 1.0.0.4, when guest access is configured, allow remote authenticated users to obtain sensitive information by reading error messages in responses...

CVE-2015-7445

CVE-2015-7445 affects IBM Multi-Enterprise Integration Gateway (versions 1.0–1.0.0.1) and B2B Advanced Communications (1.x prior to 1.0.0.4). When guest access is enabled, remote authenticated users can read error responses to disclose sensitive information. Public sources also document disclosur...

CVE-2015-5022

IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.32, when access by guests is enabled, place an internal hostname and a payload path in a response, which allows remote authenticated users to obtain sensitive information ...

CVE-2015-4973

Cross-site scripting XSS vulnerability in IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.32 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

Design/Logic Flaw

IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.32, when access by guests is enabled, place an internal hostname and a payload path in a response, which allows remote authenticated users to obtain sensitive information ...

CVE-2015-4973

Cross-site scripting XSS vulnerability in IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.32 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

CVE-2015-5022

IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.32, when access by guests is enabled, place an internal hostname and a payload path in a response, which allows remote authenticated users to obtain sensitive information ...

CVE-2015-4973

Summary: CVE-2015-4973 is an XSS vulnerability affecting IBM’s Multi-Enterprise Integration Gateway (1.x up to 1.0.0.1) and B2B Advanced Communications (1.0.0.2/1.0.0.3) that allows remote attackers to insert arbitrary script/HTML via a crafted URL. Affected components: IBM Multi-Enterprise Integ...