Filtered by vendor Ibm
Subscriptions
Filtered by product Webmethods Integration
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-36048 | 7 Apple, Ibm, Linux and 4 more | 7 Macos, Webmethods Integration, Linux Kernel and 4 more | 2025-08-13 | 7.2 High |
| IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to escalate their privileges when handling external entities due to execution with unnecessary privileges. | ||||
| CVE-2025-36049 | 7 Apple, Ibm, Linux and 4 more | 7 Macos, Webmethods Integration, Linux Kernel and 4 more | 2025-08-13 | 8.8 High |
| IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands. | ||||
| CVE-2024-45074 | 2 Ibm, Softwareag | 2 Webmethods Integration, Webmethods | 2024-09-06 | 6.5 Medium |
| IBM webMethods Integration 10.15 could allow an authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. | ||||
| CVE-2024-45075 | 2 Ibm, Softwareag | 2 Webmethods Integration, Webmethods | 2024-09-06 | 8.8 High |
| IBM webMethods Integration 10.15 could allow an authenticated user to create scheduler tasks that would allow them to escalate their privileges to administrator due to missing authentication. | ||||
| CVE-2024-45076 | 2 Ibm, Softwareag | 2 Webmethods Integration, Webmethods | 2024-09-06 | 9.9 Critical |
| IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute arbitrary files which could be executed on the underlying operating system. | ||||
Page 1 of 1.