The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of I-Connect

IBM API Connect: information disclosure via URIs
An attacker can bypass access restrictions to data via URIs of IBM API Connect, in order to obtain sensitive information...
CVE-2019-4051, ibm10879395, VIGILANCE-VUL-28943
IBM API Connect: information disclosure via Weak Cryptographic Algorithms
An attacker can bypass access restrictions to data via Weak Cryptographic Algorithms of IBM API Connect, in order to obtain sensitive information...
CVE-2018-2007, ibm10874952, ibm10878905, VIGILANCE-VUL-28895
IBM API Connect: information disclosure via Caching
An attacker can bypass access restrictions to data via Caching of IBM API Connect, in order to obtain sensitive information...
CVE-2018-1874, ibm10876994, VIGILANCE-VUL-28884
IBM API Connect: information disclosure via Login Ids
An attacker can bypass access restrictions to data via Login Ids of IBM API Connect, in order to obtain sensitive information...
CVE-2019-4052, ibm10874248, VIGILANCE-VUL-28791
Drupal Core: Cross Site Scripting via File Module/Subsystem
An attacker can trigger a Cross Site Scripting via File Module/Subsystem of Drupal Core, in order to run JavaScript code in the context of the web site...
CVE-2019-6341, DLA-1746-1, DRUPAL-SA-CORE-2019-004, DSA-4412-1, FEDORA-2019-2fbce03df3, FEDORA-2019-35589cfcb5, ibm10879443, Synology-SA-19:13, VIGILANCE-VUL-28786, ZDI-19-291
IBM API Connect: information disclosure via Consumer API
An attacker can bypass access restrictions to data via Consumer API of IBM API Connect, in order to obtain sensitive information...
CVE-2018-2009, ibm10794327, VIGILANCE-VUL-28717
Drupal EU Cookie Compliance: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal EU Cookie Compliance, in order to run JavaScript code in the context of the web site...
DRUPAL-SA-CONTRIB-2019-033, ibm10878775, VIGILANCE-VUL-28683
Kubernetes: infinite loop via API Server json-patch
An attacker can trigger an infinite loop via API Server json-patch of Kubernetes, in order to trigger a denial of service...
CVE-2019-1002100, ibm10879473, VIGILANCE-VUL-28640
Node Core: five vulnerabilities
An attacker can use several vulnerabilities of Node Core...
CVE-2018-12116, CVE-2018-12120, CVE-2018-12121, CVE-2018-12122, CVE-2018-12123, ibm10787619, ibm10794537, ibm10878136, K37111863, openSUSE-SU-2019:0088-1, openSUSE-SU-2019:0089-1, openSUSE-SU-2019:0234-1, RHSA-2019:1821-01, RHSA-2019:2258-01, RHSA-2019:3497-01, SUSE-SU-2019:0117-1, SUSE-SU-2019:0118-1, SUSE-SU-2019:0395-1, VIGILANCE-VUL-27900
IBM GSKit: infinite loop of SSL
An attacker can send malicious SSL/TLS messages to applications using IBM GSKit, in order to trigger a denial of service...
1610582, 1671732, 1672724, 1673008, 1673018, 1673666, 1673696, 1674047, 1674824, 1674825, 1681114, 7042179, CVE-2014-0963, VIGILANCE-VUL-14775
Our database contains other pages. You can request a free trial to read them.