api connect vulnerabilities and exploits
NA
CVE-2023-28522
IBM API Connect V10 could allow an authenticated user to perform actions that they should not have access to. IBM X-Force ID: 250585.
Ibm Api Connect
NA
CVE-2022-34350
IBM API Connect 10.0.0.0 up to and including 10.0.5.0, 10.0.1.0 up to and including 10.0.1.7, and 2018.4.1.0 up to and including 2018.4.1.20 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit...
Ibm Api Connect
5
CVSSv2
CVE-2020-4346
IBM API Connect's V2018.4.1.0 up to and including 2018.4.1.10 management server has an unsecured API which can be exploited by an unauthenticated malicious user to obtain sensitive information. IBM X-Force ID: 178322.
Ibm Api Connect
5
CVSSv2
CVE-2020-4695
IBM API Connect V10 is impacted by insecure communications during database replication. As the data replication happens over insecure communication channels, an attacker can view unencrypted data leading to a loss of confidentiality.
Ibm Api Connect
7.5
CVSSv2
CVE-2017-1161
IBM API Connect 5.0.6.0 could allow a remote malicious user to execute arbitrary commands on the system, caused by improper validation of URLs for the Developer Portal. By crafting a malicious URL, an attacker could exploit this vulnerability to execute arbitrary commands on the ...
Ibm Api Connect 5.0.6.0
5
CVSSv2
CVE-2019-4609
IBM API Connect 2018.4.1.7 uses weaker than expected cryptographic algorithms that could allow a malicious user to decrypt highly sensitive information. IBM X-Force ID: 168510.
Ibm Api Connect 2018.4.1.7
5
CVSSv2
CVE-2016-3012
IBM API Connect (aka APIConnect) prior to 5.0.3.0 with NPM prior to 2.2.8 includes certain internal server credentials in the software package, which might allow remote malicious users to bypass intended access restrictions by leveraging knowledge of these credentials.
Ibm Api Connect
Ibm Network Path Manager
5
CVSSv2
CVE-2016-1000232
NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appears to be exploitable via Custom HTTP header passed by client. This vulnerability appears to have been ...
Salesforce Tough-cookie
Ibm Api Connect
Ibm Api Connect 5.0.8.0
Redhat Openshift Container Platform 3.3
Redhat Openshift Container Platform 3.1
Redhat Openshift Container Platform 3.2
NA
CVE-2023-37957
A cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline restFul API Plugin 0.11 and previous versions allows malicious users to connect to an attacker-specified URL, capturing a newly generated JCLI token.
Jenkins Pipeline Restful Api
NA
CVE-2023-23300
The `Toybox.Cryptography.Cipher.initialize` API method in CIQ API version 3.0.0 up to and including 4.1.7 does not validate its parameters, which can result in buffer overflows when copying data. A malicious application could call the API method with specially crafted parameters ...
Garmin Connect-iq