Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm http server 8.5.0.0 vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2013-0540
IBM WebSphere Application Server (WAS) Liberty Profile 8.5 prior to 8.5.0.2, when SSL is not enabled, does not properly validate authentication cookies, which allows remote authenticated users to bypass intended access restrictions via an HTTP session.
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.0.1
NA
CVE-2023-26281
IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296.
Ibm Http Server 8.5.0.0
4.3
CVSSv2
CVE-2013-5417
Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 7.0 prior to 7.0.0.31, 8.0 prior to 8.0.0.8, and 8.5 prior to 8.5.5.1 allows remote malicious users to inject arbitrary web script or HTML via HTTP response data.
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.0.0.4
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 7.0.0.12
Ibm Websphere Application Server 7.0.0.13
Ibm Websphere Application Server 7.0.0.2
Ibm Websphere Application Server 7.0.0.21
Ibm Websphere Application Server 7.0.0.4
Ibm Websphere Application Server 7.0.0.5
Ibm Websphere Application Server 8.0.0.0
Ibm Websphere Application Server 8.0.0.1
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 7.0.0.1
Ibm Websphere Application Server 7.0.0.16
Ibm Websphere Application Server 7.0.0.17
Ibm Websphere Application Server 7.0.0.25
Ibm Websphere Application Server 7.0.0.27
Ibm Websphere Application Server 7.0.0.8
Ibm Websphere Application Server 7.0.0.9
Ibm Websphere Application Server 8.0.0.2
Ibm Websphere Application Server 8.0.0.3
Ibm Websphere Application Server 7.0.0.10
2.9
CVSSv2
CVE-2013-3984
The Meeting Server in IBM Sametime 8.x up to and including 8.5.2.1 and 9.x up to and including 9.0.0.1 does not set the secure flag for an unspecified cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmiss...
Ibm Sametime 8.5.1.0
Ibm Sametime 8.5.0.0
Ibm Sametime 8.0.2.1
Ibm Sametime 8.0.2.0
Ibm Sametime 8.0.1.1
Ibm Sametime 8.5.1.1
Ibm Sametime 8.5.2.0
Ibm Sametime 9.0.0.0
Ibm Sametime 8.5.2.1
Ibm Sametime 8.0.1.0
Ibm Sametime 8.0.0.0
5
CVSSv2
CVE-2014-3021
IBM WebSphere Application Server (WAS) 7.0 prior to 7.0.0.35, 8.0 prior to 8.0.0.10, and 8.5 prior to 8.5.5.4 does not properly handle HTTP headers, which allows remote malicious users to obtain sensitive cookie and authentication data via an unspecified HTTP method.
Ibm Websphere Application Server 7.0.0.11
Ibm Websphere Application Server 7.0.0.12
Ibm Websphere Application Server 7.0.0.19
Ibm Websphere Application Server 7.0.0.2
Ibm Websphere Application Server 7.0.0.29
Ibm Websphere Application Server 7.0.0.3
Ibm Websphere Application Server 7.0.0.1
Ibm Websphere Application Server 7.0.0.10
Ibm Websphere Application Server 7.0.0.17
Ibm Websphere Application Server 7.0.0.18
Ibm Websphere Application Server 7.0.0.27
Ibm Websphere Application Server 7.0.0.28
Ibm Websphere Application Server 7.0.0.4
Ibm Websphere Application Server 7.0.0.5
Ibm Websphere Application Server 8.0.0.1
Ibm Websphere Application Server 8.0.0.2
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.0.1
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 7.0.0.15
Ibm Websphere Application Server 7.0.0.16
4.3
CVSSv2
CVE-2013-3046
The Meeting Server in IBM Sametime 8.x up to and including 8.5.2.1 and 9.x up to and including 9.0.0.1 does not send the HSTS Strict-Transport-Security header, which makes it easier for man-in-the-middle malicious users to hijack sessions or obtain sensitive information by levera...
Ibm Sametime 8.5.2.1
Ibm Sametime 8.5.1.1
Ibm Sametime 8.0.1.0
Ibm Sametime 8.0.0.0
Ibm Sametime 8.5.2.0
Ibm Sametime 8.5.1.0
Ibm Sametime 8.5.0.0
Ibm Sametime 8.0.2.1
Ibm Sametime 9.0.0.1
Ibm Sametime 9.0.0.0
Ibm Sametime 8.0.2.0
Ibm Sametime 8.0.1.1
4.3
CVSSv2
CVE-2016-0359
CRLF injection vulnerability in IBM WebSphere Application Server (WAS) 7.0 prior to 7.0.0.43, 8.0 prior to 8.0.0.13, 8.5 Full prior to 8.5.5.10, and 8.5 Liberty before Liberty Fix Pack 16.0.0.2 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP respon...
Ibm Websphere Application Server 8.5.5.6
Ibm Websphere Application Server 8.5.5.5
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 8.0.0.4
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 7.0.0.39
Ibm Websphere Application Server 7.0.0.41
Ibm Websphere Application Server 7.0.0.38
Ibm Websphere Application Server 7.0.0.31
Ibm Websphere Application Server 7.0.0.3
Ibm Websphere Application Server 7.0.0.21
Ibm Websphere Application Server 7.0.0.2
Ibm Websphere Application Server 7.0.0.13
Ibm Websphere Application Server 7.0.0.12
Ibm Websphere Application Server 8.5.5.4
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.0.0.3
Ibm Websphere Application Server 8.0.0.2
Ibm Websphere Application Server 7.0.0.9
Ibm Websphere Application Server 7.0.0.8
Ibm Websphere Application Server 7.0.0.37
Ibm Websphere Application Server 8.5.5.8
5
CVSSv2
CVE-2012-2190
IBM Global Security Kit (aka GSKit), as used in IBM HTTP Server in IBM WebSphere Application Server (WAS) 6.1.x prior to 6.1.0.45, 7.0.x prior to 7.0.0.25, 8.0.x prior to 8.0.0.4, and 8.5.x prior to 8.5.0.1, allows remote malicious users to cause a denial of service (daemon crash...
Ibm Websphere Application Server 6.1.0.33
Ibm Websphere Application Server 6.1.0.31
Ibm Websphere Application Server 6.1.0.5
Ibm Websphere Application Server 6.1.0.15
Ibm Websphere Application Server 6.1.0.9
Ibm Websphere Application Server 6.1.0.23
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0.27
Ibm Websphere Application Server 6.1.0.25
Ibm Websphere Application Server 6.1.0.35
Ibm Websphere Application Server 6.1.0.43
Ibm Websphere Application Server 6.1.0.37
Ibm Websphere Application Server 6.1.0.21
Ibm Websphere Application Server 6.1.0.7
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.11
Ibm Websphere Application Server 6.1.0.39
Ibm Websphere Application Server 6.1.0.12
Ibm Websphere Application Server 6.1.0.29
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.2
5
CVSSv2
CVE-2015-1932
IBM WebSphere Application Server 7.x prior to 7.0.0.39, 8.0.x prior to 8.0.0.11, and 8.5.x prior to 8.5.5.7 and WebSphere Virtual Enterprise prior to 7.0.0.7 allow remote malicious users to obtain potentially sensitive information about the proxy-server software by reading the HT...
Ibm Websphere Virtual Enterprise
Ibm Websphere Application Server 7.0.0.11
Ibm Websphere Application Server 7.0.0.12
Ibm Websphere Application Server 7.0.0.13
Ibm Websphere Application Server 7.0.0.14
Ibm Websphere Application Server 7.0.0.21
Ibm Websphere Application Server 7.0.0.22
Ibm Websphere Application Server 7.0.0.31
Ibm Websphere Application Server 7.0.0.32
Ibm Websphere Application Server 7.0.0.6
Ibm Websphere Application Server 7.0.0.7
Ibm Websphere Application Server 8.0.0.3
Ibm Websphere Application Server 8.0.0.4
Ibm Websphere Application Server 8.5.0.1
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 7.0.0.15
Ibm Websphere Application Server 7.0.0.16
Ibm Websphere Application Server 7.0.0.23
Ibm Websphere Application Server 7.0.0.24
Ibm Websphere Application Server 7.0.0.33
Ibm Websphere Application Server 7.0.0.34
Ibm Websphere Application Server 7.0.0.8
4.3
CVSSv2
CVE-2014-6176
IBM WebSphere Process Server 7.0, WebSphere Enterprise Service Bus 7.0, and Business Process Manager Advanced 7.5.x up to and including 7.5.1.2, 8.0.x up to and including 8.0.1.3, and 8.5.x up to and including 8.5.5 disregard the SSL setting in the SCA module HTTP import binding ...
Ibm Business Process Manager 8.0.1.0
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 7.5.0.0
Ibm Business Process Manager 7.5.0.1
Ibm Business Process Manager 7.5.1.0
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.0.1
Ibm Websphere Enterprise Service Bus 7.0
Ibm Websphere Process Server 7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started