Vulmon
ibm websphere application server vulnerabilities and exploits
6.8
CVSSv2
CVE-2017-1194
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site request forgery which could allow a malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 123669.
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
6.8
CVSSv2
CVE-2017-1151
IBM WebSphere Application Server 8.0, 8.5, 8.5.5, and 9.0 using OpenID Connect (OIDC) configured with a Trust Association Interceptor (TAI) could allow a user to gain elevated privileges on the system. IBM Reference #: 1999293.
Ibm Websphere Application Server 8.5.5
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
6.8
CVSSv2
CVE-2015-1927
The default configuration of IBM WebSphere Application Server (WAS) 7.0.0 prior to 7.0.0.39, 8.0.0 prior to 8.0.0.11, and 8.5 prior to 8.5.5.6 has a false value for the com.ibm.ws.webcontainer.disallowServeServletsByClassname WebContainer property, which allows remote malicious u...
Ibm Websphere Application Server 7.0.0.13
Ibm Websphere Application Server 7.0.0.11
Ibm Websphere Application Server 7.0.0.12
Ibm Websphere Application Server 7.0.0.19
Ibm Websphere Application Server 7.0.0.2
Ibm Websphere Application Server 7.0.0.29
Ibm Websphere Application Server 7.0.0.3
Ibm Websphere Application Server 7.0.0.4
Ibm Websphere Application Server 7.0.0.5
Ibm Websphere Application Server 8.0.0.10
Ibm Websphere Application Server 8.0.0.2
Ibm Websphere Application Server 8.0.0.9
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.5.5
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 7.0.0.1
Ibm Websphere Application Server 7.0.0.10
Ibm Websphere Application Server 7.0.0.17
Ibm Websphere Application Server 7.0.0.18
Ibm Websphere Application Server 7.0.0.25
Ibm Websphere Application Server 7.0.0.27
Ibm Websphere Application Server 7.0.0.37
6.8
CVSSv2
CVE-2013-4053
The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.47, 7.0 prior to 7.0.0.31, 8.0 prior to 8.0.0.8, and 8.5 prior to 8.5.5.1, and WAS Feature Pack for Web Services 6.1 prior to 6.1.0.47, when a trust store is configured for XML Digital Sig...
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.0.1
Ibm Websphere Application Server 7.0.0.14
Ibm Websphere Application Server 7.0.0.15
Ibm Websphere Application Server 7.0.0.22
Ibm Websphere Application Server 7.0.0.23
Ibm Websphere Application Server 7.0.0.6
Ibm Websphere Application Server 7.0.0.7
Ibm Websphere Application Server 7.0.0.10
Ibm Websphere Application Server 7.0.0.11
Ibm Websphere Application Server 7.0.0.18
Ibm Websphere Application Server 7.0.0.19
Ibm Websphere Application Server 7.0.0.27
Ibm Websphere Application Server 7.0.0.29
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 7.0.0.1
Ibm Websphere Application Server 7.0.0.16
Ibm Websphere Application Server 7.0.0.17
Ibm Websphere Application Server 7.0.0.24
Ibm Websphere Application Server 7.0.0.25
6.8
CVSSv2
CVE-2013-3029
Cross-site request forgery (CSRF) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.47, 7.0 prior to 7.0.0.31, 8.0 prior to 8.0.0.7, and 8.5 prior to 8.5.5.1 allows remote malicious users to hijack the authentication of arbit...
Ibm Websphere Application Server 8.0.0.0
Ibm Websphere Application Server 8.0.0.1
Ibm Websphere Application Server 8.0.0.2
Ibm Websphere Application Server 8.0.0.3
Ibm Websphere Application Server 8.0.0.4
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 8.0.0.6
Ibm Websphere Application Server 7.0.0.29
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 7.0.0.15
Ibm Websphere Application Server 7.0.0.16
Ibm Websphere Application Server 7.0.0.23
Ibm Websphere Application Server 7.0.0.24
Ibm Websphere Application Server 7.0.0.7
Ibm Websphere Application Server 7.0.0.8
Ibm Websphere Application Server 7.0.0.9
Ibm Websphere Application Server 7.0.0.1
Ibm Websphere Application Server 7.0.0.10
Ibm Websphere Application Server 7.0.0.17
Ibm Websphere Application Server 7.0.0.18
Ibm Websphere Application Server 7.0.0.25
Ibm Websphere Application Server 7.0.0.27
6.8
CVSSv2
CVE-2013-0543
IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.47, 7.0 prior to 7.0.0.29, 8.0 prior to 8.0.0.6, and 8.5 prior to 8.5.0.2 on Linux, Solaris, and HP-UX, when a Local OS registry is used, does not properly validate user accounts, which allows remote malicious users to byp...
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0.5
Ibm Websphere Application Server 6.1.0.7
Ibm Websphere Application Server 6.1.0.9
Ibm Websphere Application Server 6.1.0.11
Ibm Websphere Application Server 6.1.0.12
Ibm Websphere Application Server 6.1.0.13
Ibm Websphere Application Server 6.1.0.14
Ibm Websphere Application Server 6.1.0.15
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.21
Ibm Websphere Application Server 6.1.0.23
Ibm Websphere Application Server 6.1.0.25
Ibm Websphere Application Server 6.1.0.27
Ibm Websphere Application Server 6.1.0.29
Ibm Websphere Application Server 6.1.0.31
Ibm Websphere Application Server 6.1.0.33
Ibm Websphere Application Server 6.1.0.35
6.8
CVSSv2
CVE-2013-0460
Cross-site request forgery (CSRF) vulnerability in the portlet subsystem in the administrative console in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.47 and 7.0 prior to 7.0.0.27 allows remote malicious users to hijack the authentication of arbitrary users for reque...
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0.15
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.35
Ibm Websphere Application Server 6.1.0.37
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.12
Ibm Websphere Application Server 6.1.0.13
Ibm Websphere Application Server 6.1.0.14
Ibm Websphere Application Server 6.1.0.27
Ibm Websphere Application Server 6.1.0.33
Ibm Websphere Application Server 6.1.0.5
Ibm Websphere Application Server 6.1.0.7
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.21
Ibm Websphere Application Server 6.1.0.39
Ibm Websphere Application Server 6.1.0.41
Ibm Websphere Application Server 6.1.0.29
Ibm Websphere Application Server 6.1.0.31
Ibm Websphere Application Server 6.1.0.9
6.8
CVSSv2
CVE-2012-4853
Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Application Server 6.1 prior to 6.1.0.45, 7.0 prior to 7.0.0.25, 8.0 prior to 8.0.0.5, and 8.5 prior to 8.5.0.1 allows remote malicious users to hijack the authentication of arbitrary users for requests that trigger...
Ibm Websphere Application Server 6.1.13
Ibm Websphere Application Server 6.1.0.29
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0
Ibm Websphere Application Server 6.1.0.27
Ibm Websphere Application Server 6.1.0.39
Ibm Websphere Application Server 6.1.14
Ibm Websphere Application Server 6.1.0.35
Ibm Websphere Application Server 6.1.0.37
Ibm Websphere Application Server 6.1.0.21
Ibm Websphere Application Server 6.1.0.7
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.12
Ibm Websphere Application Server 6.1.0.11
Ibm Websphere Application Server 6.1.6
Ibm Websphere Application Server 6.1.5
Ibm Websphere Application Server 6.1.0.23
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0.25
6.8
CVSSv2
CVE-2012-3306
IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.45, 7.0 prior to 7.0.0.25, 8.0 prior to 8.0.0.5, and 8.5 prior to 8.5.0.1, when multi-domain support is configured, does not purge password data from the authentication cache, which has unspecified impact and remote attack...
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0.4
Ibm Websphere Application Server 7.0.0.2
Ibm Websphere Application Server 7.0.0.9
Ibm Websphere Application Server 6.1.0.27
Ibm Websphere Application Server 6.1.0.41
Ibm Websphere Application Server 6.1.0.33
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.25
Ibm Websphere Application Server 7.0.0.7
Ibm Websphere Application Server 8.0.0.3
Ibm Websphere Application Server 8.0.0.0
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 7.0.0.21
Ibm Websphere Application Server 7.0.0.3
Ibm Websphere Application Server 6.1.0.9
Ibm Websphere Application Server 6.1.0
Ibm Websphere Application Server 6.1.0.21
Ibm Websphere Application Server 6.1.0.37
Ibm Websphere Application Server 6.1.0.31
6.8
CVSSv2
CVE-2012-3304
The Administrative Console in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.45, 7.0 prior to 7.0.0.25, 8.0 prior to 8.0.0.5, and 8.5 prior to 8.5.0.1 allows remote malicious users to hijack sessions via unspecified vectors.
Ibm Websphere Application Server 6.1.0.4
Ibm Websphere Application Server 6.1.0.5
Ibm Websphere Application Server 7.0.0.9
Ibm Websphere Application Server 6.1.0.35
Ibm Websphere Application Server 6.1.0.43
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.7
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.29
Ibm Websphere Application Server 6.1.0.39
Ibm Websphere Application Server 7.0.0.13
Ibm Websphere Application Server 8.0.0.1
Ibm Websphere Application Server 7.0.0.10
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 7.0.0.3
Ibm Websphere Application Server 7.0.0.2
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 7.0.0.4
Ibm Websphere Application Server 7.0.0.21
Ibm Websphere Application Server 6.1.0.9