Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere application server 8.0 vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2017-1151
IBM WebSphere Application Server 8.0, 8.5, 8.5.5, and 9.0 using OpenID Connect (OIDC) configured with a Trust Association Interceptor (TAI) could allow a user to gain elevated privileges on the system. IBM Reference #: 1999293.
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5.5
Ibm Websphere Application Server 8.5
4.3
CVSSv3
CVE-2017-1741
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to obtain sensitive information caused by improper handling of Administrative Console panel fields. When exploited an attacker could read files on the file system. IBM X-Force ID: 134931.
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
7.5
CVSSv3
CVE-2016-8919
IBM WebSphere Application Server may be vulnerable to a denial of service, caused by allowing serialized objects from untrusted sources to run and cause the consumption of resources.
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5.5
6.5
CVSSv3
CVE-2019-4732
IBM SDK, Java Technology Edition Version 7.0.0.0 up to and including 7.0.10.55, 7.1.0.0 up to and including 7.1.4.55, and 8.0.0.0 up to and including 8.0.6.0 could allow a local authenticated malicious user to execute arbitrary code on the system, caused by DLL search order hijac...
Ibm Sdk
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
8.1
CVSSv3
CVE-2017-1137
IBM WebSphere Application Server 8.0 and 8.5.5 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to the admin console. IBM X-Force ID: 121549.
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5.5
Ibm Websphere Application Server 8.5
5.3
CVSSv3
CVE-2016-9736
IBM WebSphere Application Server using malformed SOAP requests could allow a remote malicious user to obtain sensitive information.
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
7.5
CVSSv3
CVE-2016-5983
IBM WebSphere Application Server (WAS) 7.0 prior to 7.0.0.43, 8.0 prior to 8.0.0.13, 8.5 prior to 8.5.5.11, 9.0 prior to 9.0.0.2, and Liberty prior to 16.0.0.4 allows remote authenticated users to execute arbitrary Java code via a crafted serialized object.
Ibm Websphere Application Server 7.0.0.14
Ibm Websphere Application Server 8.5.5.6
Ibm Websphere Application Server 7.0.0.12
Ibm Websphere Application Server 7.0.0.2
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 7.0.0.37
Ibm Websphere Application Server 7.0.0.31
Ibm Websphere Application Server 7.0.0.24
Ibm Websphere Application Server 7.0.0.25
Ibm Websphere Application Server 7.0.0.33
Ibm Websphere Application Server 7.0.0.5
Ibm Websphere Application Server 7.0.0.18
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 7.0.0.15
Ibm Websphere Application Server 8.0.0.11
Ibm Websphere Application Server 8.5.5.8
Ibm Websphere Application Server 7.0.0.23
Ibm Websphere Application Server 7.0.0.38
Ibm Websphere Application Server 8.0.0.7
Ibm Websphere Application Server 7.0.0.9
Ibm Websphere Application Server 7.0.0.4
Ibm Websphere Application Server 7.0.0.11
1 Github repository
7.5
CVSSv3
CVE-2016-5986
IBM WebSphere Application Server (WAS) 7.x prior to 7.0.0.43, 8.0.x prior to 8.0.0.13, 8.5.x prior to 8.5.5.11, 9.0.x prior to 9.0.0.2, and Liberty prior to 16.0.0.3 mishandles responses, which allows remote malicious users to obtain sensitive information via unspecified vectors.
Ibm Websphere Application Server 7.0.0.14
Ibm Websphere Application Server 8.5.5.6
Ibm Websphere Application Server 7.0.0.12
Ibm Websphere Application Server 7.0.0.2
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 7.0.0.37
Ibm Websphere Application Server 7.0.0.31
Ibm Websphere Application Server 7.0.0.24
Ibm Websphere Application Server 7.0.0.25
Ibm Websphere Application Server 7.0.0.33
Ibm Websphere Application Server 7.0.0.5
Ibm Websphere Application Server 7.0.0.18
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 7.0.0.15
Ibm Websphere Application Server 8.0.0.11
Ibm Websphere Application Server 8.5.5.8
Ibm Websphere Application Server 7.0.0.23
Ibm Websphere Application Server 7.0.0.38
Ibm Websphere Application Server 8.0.0.7
Ibm Websphere Application Server 7.0.0.9
Ibm Websphere Application Server 7.0.0.4
Ibm Websphere Application Server 7.0.0.11
NA
CVE-2013-4052
Cross-site scripting (XSS) vulnerability in the UDDI Administrative console in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.47, 7.0 prior to 7.0.0.31, 8.0 prior to 8.0.0.8, and 8.5 prior to 8.5.5.1 allows remote malicious users to inject arbitrary web script or HTML ...
Ibm Websphere Application Server 6.1.0.21
Ibm Websphere Application Server 6.1.0.31
Ibm Websphere Application Server 7.0.0.14
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 6.1
Ibm Websphere Application Server 7.0.0.12
Ibm Websphere Application Server 7.0.0.2
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 7.0.0.24
Ibm Websphere Application Server 7.0.0.25
Ibm Websphere Application Server 7.0.0.5
Ibm Websphere Application Server 7.0.0.18
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 7.0.0.15
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 7.0.0.23
Ibm Websphere Application Server 8.0.0.7
Ibm Websphere Application Server 7.0.0.9
Ibm Websphere Application Server 7.0.0.4
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 6.1.0.33
Ibm Websphere Application Server 7.0.0.11
4.3
CVSSv3
CVE-2016-0377
The Administrative Console in IBM WebSphere Application Server (WAS) 7.x prior to 7.0.0.43, 8.0.x prior to 8.0.0.13, and 8.5.x prior to 8.5.5.10 mishandles CSRFtoken cookies, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
Ibm Websphere Application Server 7.0.0.14
Ibm Websphere Application Server 8.5.5.6
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 7.0.0.12
Ibm Websphere Application Server 7.0.0.2
Ibm Websphere Application Server 7.0.0.37
Ibm Websphere Application Server 7.0.0.42
Ibm Websphere Application Server 7.0.0.31
Ibm Websphere Application Server 7.0.0.24
Ibm Websphere Application Server 7.0.0.25
Ibm Websphere Application Server 7.0.0.33
Ibm Websphere Application Server 7.0.0.5
Ibm Websphere Application Server 7.0.0.18
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 7.0.0.15
Ibm Websphere Application Server 8.0.0.11
Ibm Websphere Application Server 8.5.5.8
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 7.0.0.23
Ibm Websphere Application Server 7.0.0.38
Ibm Websphere Application Server 8.0.0.7
Ibm Websphere Application Server 7.0.0.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »