Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
api connect vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-1779
IBM API Connect 2018.1 up to and including 2018.3.7 could allow an unauthenticated malicious user to cause a denial of service due to not setting limits on JSON payload size. IBM X-Force ID: 148802.
Ibm Api Connect
7.5
CVSSv2
CVE-2018-1784
IBM API Connect 5.0.0.0 and 5.0.8.4 is affected by a NoSQL Injection in MongoDB connector for the LoopBack framework. IBM X-Force ID: 148807.
Ibm Api Connect
6.5
CVSSv2
CVE-2018-1789
IBM API Connect v2018.1.0 through v2018.3.4 could allow an malicious user to send a specially crafted request to conduct a server side request forgery attack. IBM X-Force ID: 148939.
Ibm Api Connect
6.4
CVSSv2
CVE-2020-4899
IBM API Connect 5.0.0.0 up to and including 5.0.8.10 could potentially leak sensitive information or allow for data corruption due to plain text transmission of sensitive information across the network. IBM X-Force ID: 190990.
Ibm Api Connect
6.4
CVSSv2
CVE-2020-4903
IBM API Connect V10 and V2018 could allow an attacker who has intercepted a registration invitation link to impersonate the registered user or obtain sensitive information. IBM X-Force ID: 191105.
Ibm Api Connect
3.5
CVSSv2
CVE-2018-1430
IBM API Connect 5.0.0.0 up to and including 5.0.8.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sess...
Ibm Api Connect
5
CVSSv2
CVE-2019-4460
IBM API Connect 5.0.0.0 up to and including 5.0.8.6 developer portal could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the sy...
Ibm Api Connect
7.5
CVSSv2
CVE-2018-1712
IBM API Connect's Developer Portal 5.0.0.0 up to and including 5.0.8.3 is vulnerable to Server Side Request Forgery. An attacker, using specially crafted input parameters can trick the server into making potentially malicious calls within the trusted network. IBM X-Force ID:...
Ibm Api Connect
3.5
CVSSv2
CVE-2020-4195
IBM API Connect V2018.4.1.0 up to and including 2018.4.1.10 could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click ...
Ibm Api Connect
4.3
CVSSv2
CVE-2020-4337
IBM API Connect 2018.4.1.0 up to and including 2018.4.1.12 could allow an malicious user to launch phishing attacks by tricking the server to generate user registration emails that contain malicious URLs. IBM X-Force ID: 177933.
Ibm Api Connect
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »