The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of IBM API Connect

IBM API Connect Developer Portal: privilege escalation via Credential Caching
An attacker can bypass restrictions via Credential Caching of IBM API Connect Developer Portal, in order to escalate his privileges...
1126833, CVE-2019-4444, VIGILANCE-VUL-31171
IBM API Connect: information disclosure via Developer Portal
An attacker can bypass access restrictions to data via Developer Portal of IBM API Connect, in order to obtain sensitive information...
1079127, CVE-2019-4600, VIGILANCE-VUL-30714
Kubernetes: infinite loop via Json/yaml Decoding
An attacker can trigger an infinite loop via Json/yaml Decoding of Kubernetes, in order to trigger a denial of service...
1167142, CVE-2019-11253, VIGILANCE-VUL-30640
IBM API Connect: directory traversal
An attacker can traverse directories of IBM API Connect, in order to read a file outside the service root path...
CVE-2019-4460, ibm10960848, VIGILANCE-VUL-30119
IBM API Connect: information disclosure via API Swagger
An attacker can bypass access restrictions to data via API Swagger of IBM API Connect, in order to obtain sensitive information...
CVE-2019-4437, ibm10960876, VIGILANCE-VUL-30118
Go: information disclosure via Message Forgery
An attacker can bypass access restrictions to data via Message Forgery of Go, in order to obtain sensitive information...
CVE-2019-11841, DLA-1920-1, ibm10960884, VIGILANCE-VUL-30047
Go: executing DLL code
An attacker can create a malicious DLL, and then put it in the current directory of Go, in order to execute code...
CVE-2019-9634, ibm10960882, VIGILANCE-VUL-30046
Go: information disclosure via Process Creation
An attacker can bypass access restrictions to data via Process Creation of Go, in order to obtain sensitive information...
CVE-2019-11888, ibm10960850, VIGILANCE-VUL-30045
IBM API Connect: denial of service via Unprotected API
An attacker can trigger a fatal error via Unprotected API of IBM API Connect, in order to trigger a denial of service...
CVE-2019-4402, ibm10958193, VIGILANCE-VUL-30044
Kubernetes: file creation via Kubectl Cp
A local attacker can create or overwrite a file when "kubectl cp" is used...
1167154, 80984, CVE-2019-11249, FEDORA-2019-2b8ef08c95, VIGILANCE-VUL-29949
Our database contains other pages. You can request a free trial to read them.

Display information about IBM API Connect: