31 matches found
Security Bulletin: IBM Sterling B2B Integrator is vulnerable to Cross-Site Scripting (CVE-2022-34330)
Summary IBM Sterling B2B Integrator has addressed the cross-site scripting vulnerability Vulnerability Details CVEID:CVE-2022-34330 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code i...
Security Bulletin: B2B API of IBM Sterling B2B Integrator is vulnerable to information disclosure (CVE-2022-22337)
Summary IBM Sterling B2B Integrator has addressed the information disclousre vulnerability in B2B API Vulnerability Details CVEID:CVE-2022-22337 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could disclose sensitive information to an authenticated user. CVSS Base score: 4.3 CVSS...
Security Bulletin: Dashboard of IBM Sterling B2B Integrator is vulnerable to cross-site scripting (CVE-2022-22352)
Summary IBM Sterling B2B Integrator has addressed the cross-site scripting vulnerability in Dashboard. Vulnerability Details CVEID:CVE-2022-22352 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...
Security Bulletin: IBM Sterling File Gateway is vulnerable to information disclosure (CVE-2021-39086)
Summary IBM Sterling File Gateway has addressed the an information discloure vulnerability. Vulnerability Details CVEID:CVE-2021-39086 DESCRIPTION: IBM Sterling File Gateway could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the...
Security Bulletin: IBM Sterling B2B Integrator Dashboard UI is vulner to SQL Injection (CVE-2021-39085)
Summary IBM Sterling B2B Integrator dashboard UI has addressed an SQL injection vulnerability. Vulnerability Details CVEID:CVE-2021-39085 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which...
CVE-2024-56902
Information disclosure vulnerability in Geovision GV-ASManager web application with the version v6.1.0.0 or less, which discloses account information, including cleartext password...
Security Bulletin: IBM Sterling B2B Integrator is affected by sensitive information exposure due to Apache James MIME4J (CVE-2022-45787)
Summary IBM Sterling B2B Integrator uses Apache James MIME4J. Vulnerability Details CVEID: CVE-2022-45787 DESCRIPTION: Apache James MIME4J could allow a local authenticated attacker to obtain sensitive information, caused by improper laxist permissions on the temporary files. By sending a...
Fabulatech FabulaTech USB for Remote Desktop 代码问题漏洞
Fabulatech FabulaTech USB for Remote Desktop is a USB device remote connection application from Fabulatech UK that supports redirection of USB devices plugged into the local computer to a remote computer. A code issue vulnerability exists in FabulaTech USB for Remote Desktop version 6.1.0.0, whic...
PT-2023-2923 · Fabulatech · Fabulatech Usb For Remote Desktop
Name of the Vulnerable Software and Affected Versions: FabulaTech USB for Remote Desktop version 6.1.0.0 Description: A vulnerability was found in the IoControlCode Handler component of FabulaTech USB for Remote Desktop, affecting the function 0x220448/0x220420/0x22040c/0x220408. The manipulation...
WordPress Community by PeepSo Plugin <= 6.0.9.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Community by PeepSo Type Plugin Vulnerable versions = 6.0.9.0 Fixed in 6.1.0.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-32092 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b99f695dac2f Credits Skalucy...
IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2023-11694)
IBM Sterling B2B Integrator is a suite of software from International Business Machines IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with different partner communities.A cross-site scripting...
Security Bulletin: IBM Sterling B2B Integrator is vulnerable to improper permission controls (CVE-2022-40232)
Summary IBM Sterling B2B Integrator has addressed the permission control security vulnerability Vulnerability Details CVEID:CVE-2022-40232 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could allow an authenticated user to perform actions they should not have access to due to improper...
Security Bulletin: IBM Sterling B2B Integrator is vulnerable to denial of service due to Google Gson (CVE-2022-25647)
Summary IBM Sterling B2B Integrator has addressed a denial of service vulnerability in Google Gson. Vulnerability Details CVEID:CVE-2022-25647 DESCRIPTION: Google Gson is vulnerable to a denial of service, caused by the deserialization of untrusted data. By using the writeReplace method, a remote...
Security Bulletin: Cross-Site Scripting vulnerability affects IBM Sterling B2B Integrator (CVE-2020-4657)
Summary IBM Sterling B2B Integrator has addressed a XSS vulnerability. Vulnerability Details CVEID: CVE-2020-4657 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus...
Security Bulletin: Apache Standard Taglibs Vulnerability Affects IBM Sterling B2B Integrator (CVE-2015-0254)
Summary IBM Sterling B2B Integrator has addressed the security vulnerability. Vulnerability Details CVEID: CVE-2015-0254 DESCRIPTION: Apache Standard Taglibs could allow a remote attacker to execute arbitrary code on the system, caused by an XML External Entity Injection XXE error when processing...
IBM Sterling File Gateway Denial of Service Vulnerability
IBM Sterling File Gateway is an application for transferring files between internal and external partners, allowing you to more securely and reliably transfer files with trading partners. IBM Sterling File Gateway versions 2.2.0.0-5.2.6.53, 6.0.0.0- 6.0.0.6, 6.0 .1.0-6.0.3.4, and 6.1.0.0-6.1.0.1...
Security Bulletin: SQL Injection Vulnerability Affects Docker Container of IBM Sterling B2B Integrator (CVE-2021-29798)
Summary IBM Sterling B2B Integrator has addressed the security vulnerability. Vulnerability Details CVEID: CVE-2021-29798 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the...
Security Bulletin: PostgreSQL Vulnerability Affects IBM Sterling Connect:Direct for Microsoft Windows (CVE-2020-25696)
Summary There is a vulnerability in PostgreSQL 9.5 and 11 used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-25696 DESCRIPTION: PostgreSQL could allow a remote attacke...
IBM HTTP Server 6.1.0.0 <= 6.1.0.47 / 7.0.0.0 < 7.0.0.39 / 8.0.0.0 < 8.0.0.12 / 8.5.0.0 < 8.5.5.7 HTTP Request Smuggling (533835)
The version of IBM HTTP Server running on the remote host is affected by an HTTP request smuggling vulnerability related to Apache HTTP Server. The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers t...
Security Bulletin: Cryptographic Vulnerability Affects Map Editor in IBM Sterling B2B Integrator (CVE-2020-4937)
Summary IBM Sterling B2B Integrator has addressed a weak cryptographic algorithm vulnerability in the Map Tester of the Map Editor. Vulnerability Details CVEID: CVE-2020-4937 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition uses weaker than expected cryptographic algorithms that could...