Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
api connect vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2018-1778
IBM LoopBack (IBM API Connect 2018.1, 2018.4.1, 5.0.8.0, and 5.0.8.4) could allow an malicious user to bypass authentication if the AccessToken Model is exposed over a REST API, it is then possible for anyone to create an AccessToken for any User provided they know the userId and...
Ibm Api Connect
445
VMScore
CVE-2018-1779
IBM API Connect 2018.1 up to and including 2018.3.7 could allow an unauthenticated malicious user to cause a denial of service due to not setting limits on JSON payload size. IBM X-Force ID: 148802.
Ibm Api Connect
668
VMScore
CVE-2018-1784
IBM API Connect 5.0.0.0 and 5.0.8.4 is affected by a NoSQL Injection in MongoDB connector for the LoopBack framework. IBM X-Force ID: 148807.
Ibm Api Connect
578
VMScore
CVE-2018-1789
IBM API Connect v2018.1.0 through v2018.3.4 could allow an malicious user to send a specially crafted request to conduct a server side request forgery attack. IBM X-Force ID: 148939.
Ibm Api Connect
356
VMScore
CVE-2018-1389
IBM API Connect 5.0.0.0 up to and including 5.0.8.2 is impacted by generated LoopBack APIs for a Model using the BelongsTo/HasMany relationship allowing unauthorized modification of information. IBM X-Force ID: 138213.
Ibm Api Connect
801
VMScore
CVE-2018-1973
IBM API Connect 5.0.0.0 up to and including 5.0.8.4 allows a user with limited 'API Administrator level access to give themselves full 'Administrator' level access through the members functionality. IBM X-Force ID: 153914.
Ibm Api Connect
356
VMScore
CVE-2018-1976
IBM API Connect 5.0.0.0 up to and including 5.0.8.4 is impacted by sensitive information disclosure via a REST API that could allow a user with administrative privileges to obtain highly sensitive information. IBM X-Force ID: 154031.
Ibm Api Connect
605
VMScore
CVE-2018-1858
IBM API Connect 5.0.0.0 up to and including 5.0.8.6 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 151256.
Ibm Api Connect
578
VMScore
CVE-2018-1859
IBM API Connect 5.0.0.0 up to and including 5.0.8.4 could allow a user authenticated as an administrator with limited rights to escalate their privileges. IBM X-Force ID: 151258.
Ibm Api Connect
187
VMScore
CVE-2018-1874
IBM API Connect 5.0.0.0 up to and including 5.0.8.5 could display highly sensitive information to an attacker with physical access to the system. IBM X-Force ID: 151636.
Ibm Api Connect
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »