Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere portal 8.5.0.0 vulnerabilities and exploits
(subscribe to this query)
490
VMScore
CVE-2016-0245
The XML parser in IBM WebSphere Portal 8.0.x prior to 8.0.0.1 CF20 and 8.5.x prior to 8.5.0.0 CF10 allows remote authenticated users to read arbitrary files or cause a denial of service via an external entity declaration in conjunction with an entity reference, related to an XML ...
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.0.0.0
445
VMScore
CVE-2017-1698
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could reveal sensitive information from an error message that could lead to further attacks against the system. IBM X-Force ID: 124390.
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 9.0.0.0
312
VMScore
CVE-2014-4762
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 up to and including 8.0.0.1 CF13 and 8.5.0 before CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0
312
VMScore
CVE-2018-1820
IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Fo...
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 9.0.0.0
383
VMScore
CVE-2017-1761
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 9.0.0.0
445
VMScore
CVE-2015-1887
IBM WebSphere Portal 7.0.0 up to and including 7.0.0.2 CF29, 8.0.0 prior to 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote malicious users to obtain sensitive Java Content Repository (JCR) information via a crafted request.
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
356
VMScore
CVE-2015-7455
IBM WebSphere Portal 7.x up to and including 7.0.0.2 CF29, 8.0.x prior to 8.0.0.1 CF20, and 8.5.x prior to 8.5.0.0 CF09 uses weak permissions for content items, which allows remote authenticated users to make modifications via the authoring UI.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 7.0.0.2
445
VMScore
CVE-2014-4746
IBM WebSphere Portal 8.0.0 prior to 8.0.0.1 CF13 and 8.5.0 through CF01 provides different error codes for firewall-traversal requests depending on whether the intranet host exists, which allows remote malicious users to map the intranet network via a series of requests.
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.0
694
VMScore
CVE-2015-7419
IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows remote malicious users to cause a denial of service (memory consumption) via crafted requests.
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.1
445
VMScore
CVE-2017-1423
IBM WebSphere Portal 8.5 and 9.0 exposes backend server URLs that are configured for usage by the Web Application Bridge component. IBM X-Force ID: 127476.
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 9.0.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »