Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
api connect vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-1858
IBM API Connect 5.0.0.0 up to and including 5.0.8.6 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 151256.
Ibm Api Connect
6.8
CVSSv2
CVE-2018-1774
IBM API Connect 5.0.0.0, 5.0.8.4, 2018.1 and 2018.3.6 is vulnerable to CSV injection via the developer portal and analytics that could contain malicious commands that would be executed once opened by an administrator. IBM X-Force ID: 148692.
Ibm Api Connect
6.8
CVSSv2
CVE-2018-1638
IBM API Connect 5.0.0.0-5.0.8.3 Developer Portal does not enforce Two Factor Authentication (TFA) while resetting a user password but enforces it for all other login scenarios. IBM X-Force ID: 144483.
Ibm Api Connect
6.8
CVSSv2
CVE-2017-1000091
GitHub Branch Source Plugin connects to a user-specified GitHub API URL (e.g. GitHub Enterprise) as part of form validation and completion (e.g. to verify Scan Credentials are correct). This functionality improperly checked permissions, allowing any user with Overall/Read access ...
Jenkins Github Branch Source 1.1
Jenkins Github Branch Source 1.2
Jenkins Github Branch Source 1.3
Jenkins Github Branch Source 1.4
Jenkins Github Branch Source 0.1
Jenkins Github Branch Source 1.0
Jenkins Github Branch Source 1.6
Jenkins Github Branch Source 2.0.0
Jenkins Github Branch Source 2.0.1
Jenkins Github Branch Source 2.0.2
Jenkins Github Branch Source 2.0.4
Jenkins Github Branch Source 2.2.0
Jenkins Github Branch Source 1.8
Jenkins Github Branch Source 1.8.1
Jenkins Github Branch Source 1.9
Jenkins Github Branch Source 1.10
Jenkins Github Branch Source 2.0.5
Jenkins Github Branch Source 2.0.6
Jenkins Github Branch Source 2.0.7
Jenkins Github Branch Source 1.5
Jenkins Github Branch Source 1.7
Jenkins Github Branch Source 2.0.3
6.8
CVSSv2
CVE-2014-9104
Multiple cross-site request forgery (CSRF) vulnerabilities in the XML-RPC API in the Desktop Client in OpenVPN Access Server 1.5.6 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) disconnecting established VPN...
Openvpn Openvpn Access Server
6.8
CVSSv2
CVE-2009-1307
The view-source: URI implementation in Mozilla Firefox prior to 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote malicious users to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file...
Mozilla Firefox 0.1
Mozilla Firefox 0.10
Mozilla Firefox 0.8
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9
Mozilla Firefox 0.9 Rc
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.7
Mozilla Firefox 1.5.0.12
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.3
Mozilla Firefox 1.5.4
Mozilla Firefox 2.0
Mozilla Firefox 1.8
Mozilla Firefox 2.0.0.14
Mozilla Firefox 2.0.0.18
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0.0.16
Mozilla Firefox 2.0.0.5
Mozilla Firefox 2.0.0.4
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.5
6.5
CVSSv2
CVE-2021-32743
Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. In versions before 2.11.10 and from version 2.12.0 through version 2.12.4, some of the Icinga 2 features that require credent...
Icinga Icinga
Debian Debian Linux 9.0
6.5
CVSSv2
CVE-2020-4638
IBM API Connect's API Manager 2018.4.1.0 up to and including 2018.4.1.12 is vulnerable to privilege escalation. An invitee to an API Provider organization can escalate privileges by manipulating the invitation link. IBM X-Force ID: 185508.
Ibm Api Connect
6.5
CVSSv2
CVE-2019-10132
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative...
Redhat Libvirt
Fedoraproject Fedora -
6.5
CVSSv2
CVE-2018-1859
IBM API Connect 5.0.0.0 up to and including 5.0.8.4 could allow a user authenticated as an administrator with limited rights to escalate their privileges. IBM X-Force ID: 151258.
Ibm Api Connect
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »