EUVD-2020-25454

Malware in sbrugna...

EUVD-2023-42189

Malicious code in bioql PyPI...

CVE-2023-38372

An unauthorized attacker who has obtained an IBM Watson IoT Platform 1.0 security authentication token can use it to impersonate an authorized platform user. IBM X-Force ID: 261201...

CVE-2023-38372

An unauthorized attacker who has obtained an IBM Watson IoT Platform 1.0 security authentication token can use it to impersonate an authorized platform user. IBM X-Force ID: 261201...

Authentication flaw

An unauthorized attacker who has obtained an IBM Watson IoT Platform 1.0 security authentication token can use it to impersonate an authorized platform user. IBM X-Force ID: 261201...

CVE-2023-38372 IBM Watson IoT Platform information disclosure

An unauthorized attacker who has obtained an IBM Watson IoT Platform 1.0 security authentication token can use it to impersonate an authorized platform user. IBM X-Force ID: 261201...

CVE-2023-38372

CVE-2023-38372 affects IBM Watson IoT Platform 1.0. An unauthorized attacker with a valid security authentication token can impersonate an authorized platform user, per NVD/IBM advisories. Impact is high on confidentiality (token abuse) with no indicated impact on integrity or availability in the...

PT-2024-12720 · Ibm · Ibm Watson Iot Platform

Name of the Vulnerable Software and Affected Versions: IBM Watson IoT Platform version 1.0 Description: An unauthorized attacker who has obtained an IBM Watson IoT Platform security authentication token can use it to impersonate an authorized platform user. Recommendations: For IBM Watson IoT...

Security Bulletin: An unauthorized attacker who has obtained an IBM Watson IoT Platform security authentication token can use it to impersonate an authorized platform user (CVE-2023-38372)

Summary Guidance on best practices to mitigate or avoid compromise in case an unauthorized attacker obtains an IBM Watson IoT Platform security authentication token CVE-2023-38372. Vulnerability Details CVEID:CVE-2023-38372 DESCRIPTION: IBM Watson IoT Platform contains a vulnerability that could...

IBM Watson IoT Message Gateway Code Execution Vulnerability

IBM Watson IoT Message Gateway is an IoT solution. A security vulnerability exists in IBM Watson IoT Message Gateway. The vulnerability arises from a networked system or product performing operations in memory without properly validating data boundaries, resulting in incorrect read and write...

CVE-2020-4207

IBM Watson IoT Message Gateway 2.0.0.x, 5.0.0.0, 5.0.0.1, and 5.0.0.2 is vulnerable to a buffer overflow, caused by improper bounds checking when handling a failed HTTP request with specific content in the headers. By sending a specially crafted HTTP request, a remote attacker could overflow a...

Buffer overflow

IBM Watson IoT Message Gateway 2.0.0.x, 5.0.0.0, 5.0.0.1, and 5.0.0.2 is vulnerable to a buffer overflow, caused by improper bounds checking when handling a failed HTTP request with specific content in the headers. By sending a specially crafted HTTP request, a remote attacker could overflow a...

CVE-2020-4207

IBM Watson IoT Message Gateway 2.0.0.x, 5.0.0.0, 5.0.0.1, and 5.0.0.2 is vulnerable to a buffer overflow, caused by improper bounds checking when handling a failed HTTP request with specific content in the headers. By sending a specially crafted HTTP request, a remote attacker could overflow a...

Security Bulletin: IBM Watson IoT MessageGateway Server is affected by a buffer overflow vulnerability (CVE-2020-4207)

Summary IBM Watson IoT MessageGateway Server is vulnerable to a buffer overflow isse that can result in denial of service and possible code execution. Vulnerability Details CVEID: CVE-2020-4207 DESCRIPTION: IBM Watson IoT Message Gateway is vulnerable to a buffer overflow, caused by improper boun...