ICE (NYSE: ICE) connects people to data, technology and expertise that create opportunity and inspire innovation. For terms of use, visit www.ice.com/privacy-security-center/terms-of-use
Bloomberg is a global leader in business and financial information, delivering trusted data, news, and insights that bring transparency and efficiency, and fairness to markets. We help connect influential communities across the global financial ecosystem via reliable technology solutions that enable our customers to make more informed decisions and foster better collaboration. We challenge the status quo through constant innovation. We collaborate broadly because we know that other perspectives matter. We put our customers first, as a guiding beacon. And we believe doing the right thing – by our people, our clients, and our communities – is the best thing for our business.
Security & Compliance Standards Overview
No incidents recorded for ICE in 2025.
No incidents recorded for Bloomberg in 2025.
ICE cyber incidents detection timeline including parent company and subsidiaries
Bloomberg cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF environment variable.
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.
A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."
MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.
A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).
