The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of IBM API Connect

2 IBM API Connect: directory traversal
An attacker can traverse directories of IBM API Connect, in order to read a file outside the service root path...
CVE-2019-4460, ibm10960848, VIGILANCE-VUL-30119
2 IBM API Connect: information disclosure via API Swagger
An attacker can bypass access restrictions to data via API Swagger of IBM API Connect, in order to obtain sensitive information...
CVE-2019-4437, ibm10960876, VIGILANCE-VUL-30118
2 Go: information disclosure via Message Forgery
An attacker can bypass access restrictions to data via Message Forgery of Go, in order to obtain sensitive information...
CVE-2019-11841, DLA-1920-1, ibm10960884, VIGILANCE-VUL-30047
2 Go: executing DLL code
An attacker can create a malicious DLL, and then put it in the current directory of Go, in order to execute code...
CVE-2019-9634, ibm10960882, VIGILANCE-VUL-30046
2 Go: information disclosure via Process Creation
An attacker can bypass access restrictions to data via Process Creation of Go, in order to obtain sensitive information...
CVE-2019-11888, ibm10960850, VIGILANCE-VUL-30045
2 IBM API Connect: denial of service via Unprotected API
An attacker can trigger a fatal error via Unprotected API of IBM API Connect, in order to trigger a denial of service...
CVE-2019-4402, ibm10958193, VIGILANCE-VUL-30044
2 Node.js static-resource-server: file reading via Appended Slash
A local attacker can read a file via Appended Slash of Node.js static-resource-server, in order to obtain sensitive information...
CVE-2018-16493, ibm10958783, VIGILANCE-VUL-29941
2 Drupal Advanced Forum: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Drupal Advanced Forum, in order to run JavaScript code in the context of the web site...
DRUPAL-SA-CONTRIB-2019-054, ibm10960880, VIGILANCE-VUL-29635
2 IBM API Connect: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of IBM API Connect, in order to force the victim to perform operations...
CVE-2018-1858, ibm10794169, VIGILANCE-VUL-29627
2 Kubernetes: directory traversal via kubectl cp
An attacker can traverse directories via kubectl cp of Kubernetes, in order to read a file outside the service root path...
CVE-2019-11246, FEDORA-2019-2b8ef08c95, ibm10960606, VIGILANCE-VUL-29589
Our database contains other pages. You can request a free trial to read them.

Display information about IBM API Connect: