Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
connect vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-4827
IBM API Connect 10.0.0.0 up to and including 10.0.1.0 and 2018.4.1.0 up to and including 2018.4.1.13 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM ...
Ibm Api Connect 10.0.0.0
Ibm Api Connect 10.0.1.0
Ibm Api Connect
6.4
CVSSv2
CVE-2020-4828
IBM API Connect 10.0.0.0 up to and including 10.0.1.0 and 2018.4.1.0 up to and including 2018.4.1.13 is vulnerable to web cache poisoning, caused by improper input validation by modifying HTTP request headers. IBM X-Force ID: 189842.
Ibm Api Connect 10.0.0.0
Ibm Api Connect 10.0.1.0
Ibm Api Connect
4
CVSSv2
CVE-2016-0211
IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted DRDA message.
Ibm Db2 Connect 9.8.0.1
Ibm Db2 Connect 9.8.0.5
Ibm Db2 Connect 9.8.0.3
Ibm Db2 Connect 9.8.0.2
Ibm Db2 9.8.0.3
Ibm Db2 9.8.0.2
Ibm Db2 9.8.0.1
Ibm Db2 9.8.0.4
Ibm Db2 9.8.0.5
Ibm Db2 9.8
Ibm Db2 Connect 9.8.0.4
Ibm Db2 Connect 9.8
Ibm Db2 Connect 10.5.0.7
Ibm Db2 Connect 10.5.0.6
Ibm Db2 Connect 10.5.0.5
Ibm Db2 Connect 10.5.0.4
Ibm Db2 10.5.0.7
Ibm Db2 10.5.0.6
Ibm Db2 10.5.0.5
Ibm Db2 10.5.0.4
Ibm Db2 10.5.0.3
Ibm Db2 10.5.0.2
4.3
CVSSv2
CVE-2010-4590
Cross-site scripting (XSS) vulnerability in HTTP Access Services (HTTP-AS) in the Connection Manager in IBM Lotus Mobile Connect (LMC) prior to 6.1.4 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.2
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect 6.1.1
4.4
CVSSv2
CVE-2010-4591
The Connection Manager in IBM Lotus Mobile Connect (LMC) prior to 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not delete LTPA tokens in response to use of the iNotes Logoff button, which might allow physically proximate malicious users to obtain access via an unat...
Ibm Lotus Mobile Connect 6.1.2
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.1
4.3
CVSSv2
CVE-2010-4592
The Mobile Network Connections functionality in the Connection Manager in IBM Lotus Mobile Connect prior to 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly handle failed attempts at establishing HTTP-TCP sessions, which allows remote malicious users to ca...
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect 6.1.1
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.2
4
CVSSv2
CVE-2010-4593
The Connection Manager in IBM Lotus Mobile Connect prior to 6.1.4 does not properly maintain a certain reference count, which allows remote authenticated users to cause a denial of service (IP address exhaustion) by making invalid attempts to establish sessions with the same VPN ...
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.2
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect 6.1.1
4.3
CVSSv2
CVE-2010-4594
The Connection Manager in IBM Lotus Mobile Connect prior to 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly process TCP connection requests, which allows remote malicious users to cause a denial of service (memory consumption and HTTP-AS hang) by making m...
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.2
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect 6.1.1
5
CVSSv2
CVE-2010-4595
The Connection Manager in IBM Lotus Mobile Connect prior to 6.1.4 disables the http.device.stanza blacklisting functionality for HTTP Access Services (HTTP-AS), which allows remote malicious users to bypass intended access restrictions via an HTTP request that contains a disallow...
Ibm Lotus Mobile Connect 6.1.1
Ibm Lotus Mobile Connect
Ibm Lotus Mobile Connect 6.1.1.1
Ibm Lotus Mobile Connect 6.1.2
6.8
CVSSv2
CVE-2013-2989
The file-copying functionality in IBM Sterling Connect:Direct 3.8.00, 4.0.00, and 4.1.0 for UNIX on AIX 6.1 up to and including 7.1 uses incorrect privileges, which allows local users to bypass filesystem read permissions and write permissions by leveraging authentication to the ...
Ibm Sterling Connect 4.1.0.0
Ibm Sterling Connect 4.0.00
Ibm Sterling Connect 3.8.00
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »