IBM Integration Bus

23 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-36014
>= 10.1.0.0 and <= 10.1.0.5
IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.5 is vulnerable to code injection by a privileged user with access to the IIB
8.2 HIGH
CVE-2024-22356
>= 10.1 and < 10.1.0.3
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.9.0 and IBM Integration Bus for z/OS 10.1 through 10.
4.9 MEDIUM
CVE-2024-27265
>= 10.1 and <= 10.1.0.3
IBM Integration Bus for z/OS 10.1 through 10.1.0.3 is vulnerable to cross-site request forgery which could allow an attacker to ex
4.5 MEDIUM
CVE-2024-22332
>= 10.1 and <= 10.1.0.2
The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion
6.5 MEDIUM
CVE-2023-45176
all versions
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.10.0 and IBM Integration Bus 10.1 through 10.1.0.1 ar
6.2 MEDIUM
CVE-2018-1801
>= 9.0.0.0 and <= 9.0.0.10
IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13, IBM Integration Bus V9.0.0.0 throug
5.3 MEDIUM
CVE-2017-1418
>= 9.0.0.0 and <= 9.0.0.11
IBM Integration Bus 9.0.0.0, 9.0.0.11, 10.0.0.0, and 10.0.0.14 (including IBM WebSphere Message Broker 8.0.0.0 and 8.0.0.9) has in
4.0 MEDIUM
CVE-2017-1693
all versions
IBM Integration Bus 9.0 and 10.0 could allow an attacker that has captured a valid session id to hijack another user's session duri
5.6 MEDIUM
CVE-2017-1694
all versions
IBM Integration Bus 9.0 and 10.0 transmits user credentials in clear text which can be read by an attacker using man in t
8.1 HIGH
CVE-2017-1126
all versions
IBM WebSphere Message Broker (IBM Integration Bus 9.0 and 10.0) could allow an unauthorized user to obtain sensitive information a
5.3 MEDIUM
CVE-2017-1144
all versions
IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting. IBM X-F
2.5 LOW
CVE-2017-1207
all versions
IBM WebSphere Message Broker stores user credentials in clear text which can be read by a local user. IBM X-Force ID: 123
5.5 MEDIUM
CVE-2016-9706
all versions
IBM Integration Bus 9.0 and 10.0 and WebSphere Message Broker SOAP FLOWS is vulnerable to a denial of service, caused by an XML Ex
9.1 CRITICAL
CVE-2016-9010
all versions
IBM WebSphere Message Broker 9.0 and 10.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading
6.1 MEDIUM
CVE-2016-8918
all versions
IBM Integration Bus, under non default configurations, could allow a remote user to authenticate without providing valid credentia
5.9 MEDIUM
CVE-2016-0394
all versions
IBM Integration Bus and WebSphere Message Broker sets incorrect permissions for an object that could allow a local attacker to man
3.3 LOW
CVE-2016-2961
all versions
The integration server in IBM Integration Bus 9 before 9.0.0.6 and 10 before 10.0.0.5 and WebSphere Message Broker 8 before 8.0.0.
5.3 MEDIUM
CVE-2015-7399
all versions
IBM WebSphere Message Broker 7 before 7.0.0.8 and 8 before 8.0.0.6 and IBM Integration Bus 9 before 9.0.0.3 and 10 before 10.0.0.0
5.3 MEDIUM
CVE-2015-5011
all versions
IBM WebSphere Message Broker 8 before 8.0.0.6 and Integration Bus 9 before 9.0.0.4 do not check authorization for MQSISTARTMSGFLOW
CVE-2015-2018
all versions
IBM Integration Bus 9 and 10 before 10.0.0.1 and WebSphere Message Broker 7 before 7.0.0.8 and 8 before 8.0.0.7 do not ensure that
CVE-2015-0118
all versions
IBM WebSphere Message Broker Toolkit 7 before 7007 IF2 and 8 before 8005 IF1 and Integration Toolkit 9 before 9003 IF1 are distrib
CVE-2014-6170
all versions
The HTTPInput node in IBM WebSphere Message Broker 7.0 before 7.0.0.8 and 8.0 before 8.0.0.6 and IBM Integration Bus 9.0 before 9.
CVE-2014-4819
all versions
The web user interface in IBM WebSphere Message Broker 8.0 before 8.0.0.6 and IBM Integration Bus 9.0 before 9.0.0.3 allows remote
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin