The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of IBM API Connect

IBM API Connect: Cross Site Scripting via Web UI
An attacker can trigger a Cross Site Scripting via Web UI of IBM API Connect, in order to run JavaScript code in the context of the web site...
6410506, CVE-2020-4825, CVE-2020-4925, VIGILANCE-VUL-34462
IBM API Connect: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of IBM API Connect, in order to force the victim to perform operations...
6410912, CVE-2020-4826, VIGILANCE-VUL-34463
IBM API Connect: spoofing via Web Cache Poisoning
An attacker can create spoofed data via Web Cache Poisoning of IBM API Connect, in order to deceive the victim...
6410498, CVE-2020-4828, VIGILANCE-VUL-34461
IBM API Connect: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of IBM API Connect, in order to force the victim to perform operations...
6410500, CVE-2020-4827, VIGILANCE-VUL-34460
IBM API Connect: information disclosure via URL Fragment Identifiers
An attacker can bypass access restrictions to data via URL Fragment Identifiers of IBM API Connect, in order to obtain sensitive information...
6410486, CVE-2020-4640, VIGILANCE-VUL-34459
Docker Engine/Moby: denial of service via Image Pull
An attacker can trigger a fatal error via Image Pull of Docker Engine/Moby, in order to trigger a denial of service...
6427671, CVE-2021-21285, DSA-4865-1, GHSA-6fj5-m822-rqx8, openSUSE-SU-2021:0278-1, SUSE-SU-2021:0435-1, SUSE-SU-2021:0445-1, VIGILANCE-VUL-34456
Docker Engine/Moby: read-write access via Remapped Root
An attacker can bypass access restrictions via Remapped Root of Docker Engine/Moby, in order to read or alter data...
6427671, CVE-2021-21284, DSA-4865-1, GHSA-7452-xqpj-6rpc, openSUSE-SU-2021:0278-1, SUSE-SU-2021:0435-1, SUSE-SU-2021:0445-1, VIGILANCE-VUL-34455
Archive_Tar: directory traversal via Tar.php
An attacker can traverse directories via Tar.php of Archive_Tar, in order to create a file outside the service root path...
6440659, CERTFR-2021-AVI-050, CVE-2020-36193, DLA-2530-1, DLA-2621-1, DRUPAL-SA-CORE-2021-001, FEDORA-2021-02996612f6, FEDORA-2021-dc7de65eed, USN-4723-1, VIGILANCE-VUL-34382
IBM API Connect: Cross Site Scripting via Web UI
An attacker can trigger a Cross Site Scripting via Web UI of IBM API Connect, in order to run JavaScript code in the context of the web site...
6402719, CVE-2020-4838, VIGILANCE-VUL-34272
Node Core: read-write access via HTTP Request Smuggling
An attacker can bypass access restrictions via HTTP Request Smuggling of Node Core, in order to read or alter data...
6440625, CVE-2020-8287, DSA-4826-1, FEDORA-2021-d5b2c18fe6, FEDORA-2021-fb1a136393, openSUSE-SU-2021:0064-1, openSUSE-SU-2021:0065-1, openSUSE-SU-2021:0066-1, openSUSE-SU-2021:0082-1, openSUSE-SU-2021:0195-1, RHSA-2021:0421-01, RHSA-2021:0485-01, RHSA-2021:0521-01, RHSA-2021:0548-01, RHSA-2021:0549-01, RHSA-2021:0551-01, SUSE-SU-2021:0060-1, SUSE-SU-2021:0061-1, SUSE-SU-2021:0062-1, SUSE-SU-2021:0068-1, SUSE-SU-2021:0082-1, SUSE-SU-2021:0107-1, SUSE-SU-2021:0121-1, SUSE-SU-2021:0224-1, VIGILANCE-VUL-34242
Our database contains other pages. You can request a free trial to read them.

Display information about IBM API Connect: