Lucene search
K

1071 matches found

redhatcve
redhatcve
added 2026/03/26 3:13 p.m.3 views

CVE-2025-13726

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system...

7.5CVSS7.1AI score0.00327EPSS
Exploits0References1
osv
osv
added 2026/03/26 12:33 a.m.4 views

MAL-2026-2205 Malicious code in @emilgroup/partner-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b0abde6a2a005b2c63f18e87169a3b47ddfe6fb943ad82a005e1d3d3a8e5887 The package @emilgroup/partner-sdk was found to contain malicious code. Source: google-open-source-security...

5.9AI score
Exploits0References3
hackread
hackread
added 2026/03/24 10:54 p.m.7 views

HackerOne, Mazda, Infinite Campus and Dutch Ministry Hit by Data Breaches

HackerOne, Mazda, Infinite Campus and the Dutch Ministry report data breaches, exposing employee and partner data across multiple sectors worldwide...

5.8AI score
Exploits0
qualysblog
qualysblog
added 2026/03/24 2:0 p.m.5 views

The Rise of Managed Risk Operations: How the New Qualys mROC Portal Helps Partners Scale the Risk Operations Center

Key Takeaways The mROC Portal acts as a portfolio-wide command center, giving partners unified visibility into high-risk customer environments, active threats, and critical exposures to drive prioritized, portfolio-wide risk management. Partners can filter risk, drill into any customer, and take...

5.9AI score
Exploits0
ossf
ossf
added 2026/03/22 6:19 p.m.8 views

Malicious code in @emilgroup/partner-portal-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e6d39860559ec42dbfe2c1b124d8354e3fc7985ea21f2c1a7ae35f874875726 The package @emilgroup/partner-portal-sdk was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
osv
osv
added 2026/03/22 6:19 p.m.6 views

MAL-2026-2053 Malicious code in @emilgroup/partner-portal-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e6d39860559ec42dbfe2c1b124d8354e3fc7985ea21f2c1a7ae35f874875726 The package @emilgroup/partner-portal-sdk was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
osv
osv
added 2026/03/22 6:19 p.m.5 views

MAL-2026-2055 Malicious code in @emilgroup/partner-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 021998bae85c5300a2c6e776ee80893de174f4216d701951b4742fd3eff21d85 The package @emilgroup/partner-sdk-node was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
osv
osv
added 2026/03/22 6:14 p.m.5 views

MAL-2026-2054 Malicious code in @emilgroup/partner-portal-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79a5c2bcdd0cc7a9c9c9a7b0ba777fad4241aa5fc60e34903bb138a44261c35b The package @emilgroup/partner-portal-sdk-node was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
snyk
snyk
added 2026/03/19 11:0 p.m.4 views

Embedded Malicious Code

Overview @emilgroup/partner-sdk is an A new version of the package Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/03/19 11:0 p.m.5 views

Embedded Malicious Code

Overview @emilgroup/partner-portal-sdk is an A new version of the package Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released ...

9.8CVSS5.8AI score
Exploits0References2
euvd
euvd
added 2026/03/13 9:31 p.m.7 views

EUVD-2025-208653

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...

3.1CVSS5.8AI score0.00205EPSS
Exploits0References2
euvd
euvd
added 2026/03/13 9:31 p.m.5 views

EUVD-2025-208649

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive user information using an expired access token...

5.3CVSS5.8AI score0.00166EPSS
Exploits0References2
euvd
euvd
added 2026/03/13 9:31 p.m.4 views

EUVD-2025-208645

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

6.1CVSS5.5AI score0.00212EPSS
Exploits0References2
euvd
euvd
added 2026/03/13 9:31 p.m.3 views

EUVD-2025-208651

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system...

5.3CVSS5.8AI score0.00327EPSS
Exploits0References2
euvd
euvd
added 2026/03/13 9:31 p.m.3 views

EUVD-2025-208648

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors...

3.7CVSS5.8AI score0.00183EPSS
Exploits0References2
nvd
nvd
added 2026/03/13 7:53 p.m.7 views

CVE-2025-14811

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...

5.9CVSS0.00205EPSS
Exploits0References1
nvd
nvd
added 2026/03/13 7:53 p.m.8 views

CVE-2025-13702

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

6.1CVSS0.00212EPSS
Exploits0References1
nvd
nvd
added 2026/03/13 7:53 p.m.5 views

CVE-2025-13718

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors...

7.5CVSS0.00183EPSS
Exploits0References1
nvd
nvd
added 2026/03/13 7:53 p.m.4 views

CVE-2025-13726

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system...

7.5CVSS0.00327EPSS
Exploits0References1
cvelist
cvelist
added 2026/03/13 6:33 p.m.32 views

CVE-2025-13702 IBM Sterling Partner Engagement Manager Cross-Site Scripting

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

6.1CVSS0.00212EPSS
Exploits0References1
Rows per page
Query Builder