Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
api connect vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-29772
IBM API Connect 5.0.0.0 up to and including 5.0.8.11 could allow a user to potentially inject code due to unsanitized user input. IBM X-Force ID: 202774.
Ibm Api Connect
NA
CVE-2021-38997
IBM API Connect V10.0.0.0 through V10.0.5.0, V10.0.1.0 through V10.0.1.7, and V2018.4.1.0 up to and including 2018.4.1.19 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an malicious user to conduct various atta...
Ibm Api Connect
4
CVSSv2
CVE-2018-1932
IBM API Connect 5.0.0.0 up to and including 5.0.8.4 is affected by a vulnerability in the role-based access control in the management server that could allow an authenticated user to obtain highly sensitive information. IBM X-Force ID: 153175.
Ibm Api Connect
1 Github repository
4
CVSSv2
CVE-2018-1991
IBM API Connect 5.0.0.0, and 5.0.8.6 could could return sensitive information that could provide critical information as to the underlying software stack in CMC UI headers. IBM X-Force ID: 154284.
Ibm Api Connect
7.5
CVSSv2
CVE-2017-1161
IBM API Connect 5.0.6.0 could allow a remote malicious user to execute arbitrary commands on the system, caused by improper validation of URLs for the Developer Portal. By crafting a malicious URL, an attacker could exploit this vulnerability to execute arbitrary commands on the ...
Ibm Api Connect 5.0.6.0
5
CVSSv2
CVE-2019-4609
IBM API Connect 2018.4.1.7 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 168510.
Ibm Api Connect 2018.4.1.7
5
CVSSv2
CVE-2016-3012
IBM API Connect (aka APIConnect) prior to 5.0.3.0 with NPM prior to 2.2.8 includes certain internal server credentials in the software package, which might allow remote malicious users to bypass intended access restrictions by leveraging knowledge of these credentials.
Ibm Api Connect
Ibm Network Path Manager
5
CVSSv2
CVE-2016-1000232
NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appear to be exploitable via Custom HTTP header passed by client. This vulnerability appears to have been ...
Salesforce Tough-cookie
Ibm Api Connect
Ibm Api Connect 5.0.8.0
Redhat Openshift Container Platform 3.3
Redhat Openshift Container Platform 3.1
Redhat Openshift Container Platform 3.2
NA
CVE-2023-37957
A cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline restFul API Plugin 0.11 and previous versions allows malicious users to connect to an attacker-specified URL, capturing a newly generated JCLI token.
Jenkins Pipeline Restful Api
NA
CVE-2023-23300
The `Toybox.Cryptography.Cipher.initialize` API method in CIQ API version 3.0.0 up to and including 4.1.7 does not validate its parameters, which can result in buffer overflows when copying data. A malicious application could call the API method with specially crafted parameters ...
Garmin Connect-iq
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »