1071 matches found
CVE-2025-13726
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system...
MAL-2026-2205 Malicious code in @emilgroup/partner-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b0abde6a2a005b2c63f18e87169a3b47ddfe6fb943ad82a005e1d3d3a8e5887 The package @emilgroup/partner-sdk was found to contain malicious code. Source: google-open-source-security...
HackerOne, Mazda, Infinite Campus and Dutch Ministry Hit by Data Breaches
HackerOne, Mazda, Infinite Campus and the Dutch Ministry report data breaches, exposing employee and partner data across multiple sectors worldwide...
The Rise of Managed Risk Operations: How the New Qualys mROC Portal Helps Partners Scale the Risk Operations Center
Key Takeaways The mROC Portal acts as a portfolio-wide command center, giving partners unified visibility into high-risk customer environments, active threats, and critical exposures to drive prioritized, portfolio-wide risk management. Partners can filter risk, drill into any customer, and take...
Malicious code in @emilgroup/partner-portal-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e6d39860559ec42dbfe2c1b124d8354e3fc7985ea21f2c1a7ae35f874875726 The package @emilgroup/partner-portal-sdk was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2053 Malicious code in @emilgroup/partner-portal-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e6d39860559ec42dbfe2c1b124d8354e3fc7985ea21f2c1a7ae35f874875726 The package @emilgroup/partner-portal-sdk was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2055 Malicious code in @emilgroup/partner-sdk-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 021998bae85c5300a2c6e776ee80893de174f4216d701951b4742fd3eff21d85 The package @emilgroup/partner-sdk-node was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2054 Malicious code in @emilgroup/partner-portal-sdk-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79a5c2bcdd0cc7a9c9c9a7b0ba777fad4241aa5fc60e34903bb138a44261c35b The package @emilgroup/partner-portal-sdk-node was found to contain malicious code. Source: ghsa-malware...
Embedded Malicious Code
Overview @emilgroup/partner-sdk is an A new version of the package Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM...
Embedded Malicious Code
Overview @emilgroup/partner-portal-sdk is an A new version of the package Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released ...
EUVD-2025-208653
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...
EUVD-2025-208649
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive user information using an expired access token...
EUVD-2025-208645
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...
EUVD-2025-208651
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system...
EUVD-2025-208648
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors...
CVE-2025-14811
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...
CVE-2025-13702
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...
CVE-2025-13718
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors...
CVE-2025-13726
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system...
CVE-2025-13702 IBM Sterling Partner Engagement Manager Cross-Site Scripting
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...