Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
websphere application server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-46158
IBM WebSphere Application Server Liberty 23.0.0.9 up to and including 23.0.0.10 could provide weaker than expected security due to improper resource expiration handling. IBM X-Force ID: 268775.
Ibm Websphere Application Server Liberty
9.8
CVSSv3
CVE-2023-23477
IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote malicious user to execute arbitrary code on the system with a specially crafted sequence of serialized objects. IBM X-Force ID: 245513.
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
9.8
CVSSv3
CVE-2020-4589
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 184585.
Ibm Websphere Application Server
9.8
CVSSv3
CVE-2020-4448
IBM WebSphere Application Server Network Deployment 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 181228.
Ibm Websphere Application Server
Ibm Websphere Virtual Enterprise 7.0
Ibm Websphere Virtual Enterprise 8.0
9.8
CVSSv3
CVE-2020-4450
IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote malicious user to execute arbitrary code on the system with a specially-crafted sequence of serialized objects. IBM X-Force ID: 181231.
Ibm Websphere Application Server
2 Github repositories
9.8
CVSSv3
CVE-2019-8352
By default, BMC PATROL Agent up to and including 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network to managed PATROL Agent services. If an attacker were able to capture this network traffic, they could decrypt these credentials ...
Bmc Patrol Agent
1 EDB exploit
9.8
CVSSv3
CVE-2019-4279
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote malicious user to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 160445.
Ibm Websphere Application Server 7.0.0.0
Ibm Websphere Application Server
1 Github repository
9.8
CVSSv3
CVE-2018-1904
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote malicious users to execute arbitrary Java code through an administrative client class with a serialized object from untrusted sources. IBM X-Force ID: 152533.
Ibm Websphere Application Server
9.8
CVSSv3
CVE-2018-1851
IBM WebSphere Application Server Liberty OpenID Connect could allow a remote malicious user to execute arbitrary code on the system, caused by improper deserialization. By sending a specially-crafted request to the RP service, an attacker could exploit this vulnerability to execu...
Ibm Websphere Application Server
9.8
CVSSv3
CVE-2018-1567
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote malicious users to execute arbitrary Java code through the SOAP connector with a serialized object from untrusted sources. IBM X-Force ID: 143024.
Ibm Websphere Application Server
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »