Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
api connect vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2018-1859
IBM API Connect 5.0.0.0 up to and including 5.0.8.4 could allow a user authenticated as an administrator with limited rights to escalate their privileges. IBM X-Force ID: 151258.
Ibm Api Connect
6.5
CVSSv2
CVE-2018-1789
IBM API Connect v2018.1.0 through v2018.3.4 could allow an malicious user to send a specially crafted request to conduct a server side request forgery attack. IBM X-Force ID: 148939.
Ibm Api Connect
6.5
CVSSv2
CVE-2017-15044
The default installation of DocuWare Fulltext Search server up to and including 6.11 allows remote users to connect to and download searchable text from the embedded Solr service, bypassing DocuWare's access control features of the DocuWare user interfaces and API. An attack...
Docuware Fulltext Server
6.4
CVSSv2
CVE-2021-29715
IBM API Connect 5.0.0.0 up to and including 5.0.8.11 could alllow a remote user to obtain sensitive information or conduct denial of serivce attacks due to open ports. IBM X-Force ID: 201018.
Ibm Api Connect
6.4
CVSSv2
CVE-2020-4903
IBM API Connect V10 and V2018 could allow an attacker who has intercepted a registration invitation link to impersonate the registered user or obtain sensitive information. IBM X-Force ID: 191105.
Ibm Api Connect
6.4
CVSSv2
CVE-2020-4828
IBM API Connect 10.0.0.0 up to and including 10.0.1.0 and 2018.4.1.0 up to and including 2018.4.1.13 is vulnerable to web cache poisoning, caused by improper input validation by modifying HTTP request headers. IBM X-Force ID: 189842.
Ibm Api Connect 10.0.0.0
Ibm Api Connect 10.0.1.0
Ibm Api Connect
6.4
CVSSv2
CVE-2020-4899
IBM API Connect 5.0.0.0 up to and including 5.0.8.10 could potentially leak sensitive information or allow for data corruption due to plain text transmission of sensitive information across the network. IBM X-Force ID: 190990.
Ibm Api Connect
6.4
CVSSv2
CVE-2017-1322
IBM API Connect 5.0.6.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 125918.
Ibm Api Connect 5.0.6.2
Ibm Api Connect 5.0.1.0
Ibm Api Connect 5.0.0.0
Ibm Api Connect 5.0.6.0
Ibm Api Connect 5.0.5.0
Ibm Api Connect 5.0.4.0
Ibm Api Connect 5.0.3.0
Ibm Api Connect 5.0.2.0
Ibm Api Connect 5.0.7.0
Ibm Api Connect 5.0.6.1
Ibm Api Connect 5.0.0.1
6
CVSSv2
CVE-2022-23642
Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.37 is vulnerable to remote code execution in the `gitserver` service. The service acts as a git exec proxy, and fails to properly restrict calling `git config`. This allows an malicious user to set...
Sourcegraph Sourcegraph
1 Github repository
6
CVSSv2
CVE-2022-21701
Istio is an open platform to connect, manage, and secure microservices. In versions 1.12.0 and 1.12.1 Istio is vulnerable to a privilege escalation attack. Users who have `CREATE` permission for `gateways.gateway.networking.k8s.io` objects can escalate this privilege to create ot...
Istio Istio 1.12.0
Istio Istio 1.12.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »