Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-1156
IBM WebSphere Portal 8.5 and 9.0 could allow a remote malicious user to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect...
Ibm Websphere Portal 9.0
Ibm Websphere Portal 8.5
8.8
CVSSv3
CVE-2017-1194
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 123669.
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
8.8
CVSSv3
CVE-2016-2901
Cross-site request forgery (CSRF) vulnerability in the PA_Theme_Creator application in IBM WebSphere Portal 8.5 CF08 through CF10 and Web Content Manager allows remote malicious users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Ibm Websphere Portal 8.5.0.0
Ibm Web Content Manager
8.8
CVSSv3
CVE-2015-5007
Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Commerce 6.0 up to and including 6.0.0.11, 7.0 up to and including 7.0.0.9, and 7.0 Feature Pack 8 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS seque...
Ibm Websphere Commerce 6.0.0.7
Ibm Websphere Commerce 7.0.0.6
Ibm Websphere Commerce 7.0.0.4
Ibm Websphere Commerce 6.0.0.5
Ibm Websphere Commerce 6.0.0.10
Ibm Websphere Commerce 7.0
Ibm Websphere Commerce 6.0.0.11
Ibm Websphere Commerce 6.0.0.2
Ibm Websphere Commerce 7.0.0.5
Ibm Websphere Commerce 7.0.0.2
Ibm Websphere Commerce 7.0.0.8
Ibm Websphere Commerce 6.0.0.1
Ibm Websphere Commerce 7.0.0.9
Ibm Websphere Commerce 6.0.0.8
Ibm Websphere Commerce 6.0.0.3
Ibm Websphere Commerce 6.0.0.4
Ibm Websphere Commerce 6.0.0.9
Ibm Websphere Commerce 7.0.0.1
Ibm Websphere Commerce 7.0.0.7
Ibm Websphere Commerce 6.0.0.6
Ibm Websphere Commerce 7.0.0.3
Ibm Websphere Commerce 6.0.0.0
8.6
CVSSv3
CVE-2016-9691
IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all avail...
Ibm Websphere Cast Iron Solution 7.5.0.0
Ibm Websphere Cast Iron Solution 7.0.0
Ibm Websphere Cast Iron Solution 7.5.1.0
Ibm Websphere Cast Iron Solution 7.5.0.1
Ibm Websphere Cast Iron Solution 7.0.0.1
Ibm Websphere Cast Iron Solution 7.0.0.2
8.6
CVSSv3
CVE-2016-9692
IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP r...
Ibm Websphere Cast Iron Solution 7.5.0.0
Ibm Websphere Cast Iron Solution 7.0.0
Ibm Websphere Cast Iron Solution 7.5.1.0
Ibm Websphere Cast Iron Solution 7.5.0.1
Ibm Websphere Cast Iron Solution 7.0.0.1
Ibm Websphere Cast Iron Solution 7.0.0.2
8.6
CVSSv3
CVE-2017-1145
IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. IBM Reference #: 1999672.
Ibm Websphere Mq 8.0.0.6
8.5
CVSSv3
CVE-2018-1701
IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the installation process that would execute on the WebSphere Application Server. IBM X-Force ID: 145970.
Ibm Infosphere Information Server 11.7
Ibm Infosphere Information Server On Cloud 11.7
8.2
CVSSv3
CVE-2021-20492
IBM WebSphere Application Server 8.0, 8.5, 9.0, and Liberty Java Batch is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Fo...
Ibm Websphere Application Server
8.2
CVSSv3
CVE-2021-20454
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 196649.
Ibm Websphere Application Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-38627
CVE-2022-45803
CVE-2024-38319
camera
template injection
CVE-2024-27801
CVE-2024-0762
CVE-2024-5791
unauthorized
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »