Excellent
Blvd. Chefchaouni, Rue E Rte. 110, Ain Sebaa, Casablanca, 20250, Morocco ()212 0522 34 53 00, 212 0522 35 45 80 fax,
Excellent
Tentang Kapal Api Global Kapal Api Global adalah holding company yang menaungi beberapa Strategic Business Unit, antara lain PT. Agel Langgeng, PT. Excelso Multirasa, PT. Fastrata Buana, PT. Sulotco Jaya Abadi, PT. Santos Jaya Abadi, dan PT. Santos Premium Krimer. Beberapa produk unggulannya antara lain Kopi Kapal Api, Kopi ABC and Kopi Good Day; Relaxa & Gingerbon Candy; Biskuit Lovy; dan cafe Excelso, telah menjadi yang terdepan di pasar Indonesia, Asia dan Global.
Security & Compliance Standards Overview
No incidents recorded for Bimo in 2025.
No incidents recorded for PT Kapal Api Global in 2025.
Bimo cyber incidents detection timeline including parent company and subsidiaries
PT Kapal Api Global cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in The Wikimedia Foundation MediaWiki Cargo extension allows SQL Injection.This issue affects MediaWiki Cargo extension: 1.39, 1.43, 1.44.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki QuizGame extension allows Stored XSS.This issue affects MediaWiki QuizGame extension: 1.39, 1.43, 1.44.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki PollNY extension allows Stored XSS.This issue affects MediaWiki PollNY extension: 1.39, 1.43, 1.44.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki WebAuthn extension allows Stored XSS.This issue affects MediaWiki WebAuthn extension: 1.39, 1.43, 1.44.
pyquokka is a framework for making data lakes work for time series. In versions 0.3.1 and prior, the FlightServer class directly uses pickle.loads() to deserialize action bodies received from Flight clients without any sanitization or validation in the do_action() method. The vulnerable code is located in pyquokka/flight.py at line 283 where arbitrary data from Flight clients is directly passed to pickle.loads(). When FlightServer is configured to listen on 0.0.0.0, this allows attackers across the entire network to perform arbitrary remote code execution by sending malicious pickled payloads through the set_configs action. Additional vulnerability points exist in the cache_garbage_collect, do_put, and do_get functions where pickle.loads is used to deserialize untrusted remote data.
