Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere application server 8.5 vulnerabilities and exploits
(subscribe to this query)
694
VMScore
CVE-2021-20354
IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote malicious user to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 194883.
Ibm Websphere Application Server
571
VMScore
CVE-2021-20353
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 194882.
Ibm Websphere Application Server
571
VMScore
CVE-2020-4949
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192025.
Ibm Websphere Application Server
356
VMScore
CVE-2020-4782
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
Ibm Websphere Application Server
446
VMScore
CVE-2020-4576
IBM WebSphere Application Server 7.5, 8.0, 8.5, and 9.0 traditional could allow a remote malicious user to obtain sensitive information with a specially-crafted sequence of serialized objects. IBM X-Force ID: 184428.
Ibm Websphere Application Server
187
VMScore
CVE-2020-4629
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local user with specialized access to obtain sensitive information from a detailed technical error message. This information could be used in further attacks against the system. IBM X-Force ID: 185370.
Ibm Websphere Application Server
446
VMScore
CVE-2020-4643
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information. IBM X-Force ID: 185590.
Ibm Websphere Application Server
312
VMScore
CVE-2020-4578
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...
Ibm Websphere Application Server
383
VMScore
CVE-2020-4575
IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured.
Ibm Websphere Virtual Enterprise 7.0
Ibm Websphere Virtual Enterprise 8.0
Ibm Websphere Application Server
891
VMScore
CVE-2020-4589
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 184585.
Ibm Websphere Application Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
log injection
CVE-2024-37079
type confusion
CVE-2024-32943
CVE-2024-30103
CVE-2024-37350
arbitrary code
CVE-2024-6189
CVE-2024-6225
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »