The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of IBM API Connect

IBM API Connect: Cross Site Scripting via Web UI
An attacker can trigger a Cross Site Scripting via the Web UI of IBM API Connect, in order to run JavaScript code in the context of the web site...
6209125, CVE-2020-4251, VIGILANCE-VUL-32528
Drupal Core 7: open redirect via drupal_goto
An attacker can deceive the user via drupal_goto() of Drupal Core 7, in order to redirect them to a malicious site...
6226330, CVE-2020-13662, DLA-2250-1, DRUPAL-SA-CORE-2020-002, DRUPAL-SA-CORE-2020-003, FEDORA-2020-11be4b36d4, VIGILANCE-VUL-32314
PHP: memory leak
An attacker can trigger a memory leak in PHP, in order to cause a denial of service...
6253313, 78875, 78876, CERTFR-2020-AVI-292, CERTFR-2020-AVI-371, CVE-2019-11048, DLA-2261-1, DSA-4717-1, DSA-4719-1, FEDORA-2020-3ea2253402, FEDORA-2020-8838d072d5, FEDORA-2020-9fa7f4e25c, openSUSE-SU-2020:0847-1, SUSE-SU-2020:1661-1, SUSE-SU-2020:1661-2, SUSE-SU-2020:1714-1, USN-4375-1, VIGILANCE-VUL-32274
IBM API Connect: information disclosure via management server
An attacker can bypass access restrictions to data via the management server of IBM API Connect, in order to obtain sensitive information...
6208032, 6208039, 6208048, 6208052, 6208328, 6208330, 6208332, 6208333, 6208336, CVE-2020-4346, VIGILANCE-VUL-32230
IBM API Connect: privilege escalation via clickjacking
An attacker can bypass restrictions via clickjacking of IBM API Connect, in order to escalate their privileges...
6208032, 6208039, 6208048, 6208052, 6208328, 6208330, 6208332, 6208333, 6208336, CVE-2020-4195, VIGILANCE-VUL-32229
PHP: multiple vulnerabilities
An attacker can use several vulnerabilities in PHP...
6250489, 79330, 79465, CERTFR-2020-AVI-228, CVE-2020-7067, DLA-2188-1, DSA-4717-1, DSA-4719-1, FEDORA-2020-62ee541bbb, FEDORA-2020-96cb012029, VIGILANCE-VUL-32047
jQuery Core: Cross Site Scripting via HtmlPrefilter Regex
An attacker can trigger a Cross Site Scripting via the HtmlPrefilter Regex of jQuery Core, in order to run JavaScript code in the context of the web site...
20200601, 20200602, 20200603, 20200604, 20200605, 6217392, 6253319, CERTFR-2020-AVI-310, CERTFR-2020-AVI-335, cpujul2020, CVE-2020-11022, CVE-2020-11023, DRUPAL-SA-CORE-2020-002, DRUPAL-SA-CORE-2020-003, DSA-4693-1, FEDORA-2020-11be4b36d4, FEDORA-2020-7dddce530c, FEDORA-2020-8a15713da2, K02453220, K66544153, NPM-1518, openSUSE-SU-2020:1060-1, openSUSE-SU-2020:1106-1, VIGILANCE-VUL-32007
Kubernetes: overload via kube-apiserver YAML
An attacker can trigger an overload via kube-apiserver YAML of Kubernetes, in order to cause a denial of service...
6208032, 6208039, 6208048, 6208052, 6208328, 6208330, 6208332, 6208333, 6208336, 89535, CVE-2019-11254, VIGILANCE-VUL-31915
Kubernetes: denial of service via API Server
An attacker can trigger a fatal error via the API Server of Kubernetes, in order to cause a denial of service...
6234196, CVE-2020-8552, VIGILANCE-VUL-31861
Kubernetes: denial of service via Kubelet
An attacker can trigger a fatal error via the Kubelet of Kubernetes, in order to cause a denial of service...
6234196, CVE-2020-8551, VIGILANCE-VUL-31860