Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere application server 9.0 vulnerabilities and exploits
(subscribe to this query)
8.2
CVSSv3
CVE-2021-20353
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 194882.
Ibm Websphere Application Server
8.2
CVSSv3
CVE-2020-4949
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192025.
Ibm Websphere Application Server
6.5
CVSSv3
CVE-2020-4782
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
Ibm Websphere Application Server
7.5
CVSSv3
CVE-2020-4576
IBM WebSphere Application Server 7.5, 8.0, 8.5, and 9.0 traditional could allow a remote malicious user to obtain sensitive information with a specially-crafted sequence of serialized objects. IBM X-Force ID: 184428.
Ibm Websphere Application Server
3.3
CVSSv3
CVE-2020-4629
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local user with specialized access to obtain sensitive information from a detailed technical error message. This information could be used in further attacks against the system. IBM X-Force ID: 185370.
Ibm Websphere Application Server
7.5
CVSSv3
CVE-2020-4643
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information. IBM X-Force ID: 185590.
Ibm Websphere Application Server
5.4
CVSSv3
CVE-2020-4578
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...
Ibm Websphere Application Server
6.1
CVSSv3
CVE-2020-4575
IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured.
Ibm Websphere Application Server
Ibm Websphere Virtual Enterprise 7.0
Ibm Websphere Virtual Enterprise 8.0
9.8
CVSSv3
CVE-2020-4589
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 184585.
Ibm Websphere Application Server
8.8
CVSSv3
CVE-2020-4534
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local authenticated malicious user to gain elevated privileges on the system, caused by improper handling of UNC paths. By scheduling a task with a specially-crafted UNC path, an attacker could exploit this vul...
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »