Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
connect vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2020-4828
IBM API Connect 10.0.0.0 up to and including 10.0.1.0 and 2018.4.1.0 up to and including 2018.4.1.13 is vulnerable to web cache poisoning, caused by improper input validation by modifying HTTP request headers. IBM X-Force ID: 189842.
Ibm Api Connect 10.0.0.0
Ibm Api Connect 10.0.1.0
Ibm Api Connect
3.8
CVSSv2
CVE-2020-4640
Certain IBM API Connect 10.0.0.0 up to and including 10.0.1.0 and 2018.4.1.0 up to and including 2018.4.1.13 configurations can result in sensitive information in the URL fragment identifiers. This information can be cached in the intermediate nodes like proxy servers, cdn, loggi...
Ibm Api Connect 10.0.0.0
Ibm Api Connect 10.0.1.0
Ibm Api Connect
4
CVSSv2
CVE-2016-0211
IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted DRDA message.
Ibm Db2 Connect 9.8.0.1
Ibm Db2 Connect 9.8.0.5
Ibm Db2 Connect 9.8.0.3
Ibm Db2 Connect 9.8.0.2
Ibm Db2 9.8.0.3
Ibm Db2 9.8.0.2
Ibm Db2 9.8.0.1
Ibm Db2 9.8.0.4
Ibm Db2 9.8.0.5
Ibm Db2 9.8
Ibm Db2 Connect 9.8.0.4
Ibm Db2 Connect 9.8
Ibm Db2 Connect 10.5.0.7
Ibm Db2 Connect 10.5.0.6
Ibm Db2 Connect 10.5.0.5
Ibm Db2 Connect 10.5.0.4
Ibm Db2 10.5.0.7
Ibm Db2 10.5.0.6
Ibm Db2 10.5.0.5
Ibm Db2 10.5.0.4
Ibm Db2 10.5.0.3
Ibm Db2 10.5.0.2
4.3
CVSSv2
CVE-2010-4592
The Mobile Network Connections functionality in the Connection Manager in IBM Lotus Mobile Connect prior to 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly handle failed attempts at establishing HTTP-TCP sessions, which allows remote malicious users to ca...
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect 6.1.1
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.2
5
CVSSv2
CVE-2010-4595
The Connection Manager in IBM Lotus Mobile Connect prior to 6.1.4 disables the http.device.stanza blacklisting functionality for HTTP Access Services (HTTP-AS), which allows remote malicious users to bypass intended access restrictions via an HTTP request that contains a disallow...
Ibm Lotus Mobile Connect 6.1.1
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect 6.1.2
4
CVSSv2
CVE-2010-4593
The Connection Manager in IBM Lotus Mobile Connect prior to 6.1.4 does not properly maintain a certain reference count, which allows remote authenticated users to cause a denial of service (IP address exhaustion) by making invalid attempts to establish sessions with the same VPN ...
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.2
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect 6.1.1
4.3
CVSSv2
CVE-2010-4590
Cross-site scripting (XSS) vulnerability in HTTP Access Services (HTTP-AS) in the Connection Manager in IBM Lotus Mobile Connect (LMC) prior to 6.1.4 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.2
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect 6.1.1
4.4
CVSSv2
CVE-2010-4591
The Connection Manager in IBM Lotus Mobile Connect (LMC) prior to 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not delete LTPA tokens in response to use of the iNotes Logoff button, which might allow physically proximate malicious users to obtain access via an unat...
Ibm Lotus Mobile Connect 6.1.2
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.1
4.3
CVSSv2
CVE-2010-4594
The Connection Manager in IBM Lotus Mobile Connect prior to 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly process TCP connection requests, which allows remote malicious users to cause a denial of service (memory consumption and HTTP-AS hang) by making m...
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.2
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect 6.1.1
6.8
CVSSv2
CVE-2013-2989
The file-copying functionality in IBM Sterling Connect:Direct 3.8.00, 4.0.00, and 4.1.0 for UNIX on AIX 6.1 up to and including 7.1 uses incorrect privileges, which allows local users to bypass filesystem read permissions and write permissions by leveraging authentication to the ...
Ibm Sterling Connect 4.1.0.0
Ibm Sterling Connect 4.0.00
Ibm Sterling Connect 3.8.00
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »