Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere application server liberty vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-1683
IBM WebSphere Application Server Liberty could allow a remote malicious user to obtain sensitive information, caused by the failure to encrypt ORB communication. IBM X-Force ID: 145455.
Ibm Websphere Application Server
5.3
CVSSv3
CVE-2019-4305
IBM WebSphere Application Server Liberty could allow a remote malicious user to obtain sensitive information caused by the improper setting of a cookie. IBM X-Force ID: 160951.
Ibm Websphere Application Server
3.7
CVSSv3
CVE-2016-0378
IBM WebSphere Application Server (WAS) Liberty prior to 16.0.0.3, when the installation lacks a default error page, allows remote malicious users to obtain sensitive information by triggering an exception.
Ibm Websphere Application Server
NA
CVE-2012-4851
Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server 8.5 Liberty Profile prior to 8.5.0.1 allows remote malicious users to inject arbitrary web script or HTML via a crafted URI.
Ibm Websphere Application Server
7.5
CVSSv3
CVE-2018-1553
IBM WebSphere Application Server Liberty before 18.0.0.2 could allow a remote malicious user to obtain sensitive information, caused by mishandling of exceptions by the SAML Web SSO feature. IBM X-Force ID: 142890.
Ibm Websphere Application Server
6.5
CVSSv3
CVE-2020-4590
IBM WebSphere Application Server Liberty 17.0.0.3 up to and including 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client. IBM X-Force ID: 184650.
Ibm Websphere Application Server
5.4
CVSSv3
CVE-2016-3042
Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Application Server (WAS) Liberty prior to 16.0.0.3 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving OpenID Connect clients.
Ibm Websphere Application Server
5.3
CVSSv3
CVE-2021-29842
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 up to and including 21.0.0.9 could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid login attempts. IBM X-Force ID: 205202.
Ibm Websphere Application Server
7.5
CVSSv3
CVE-2023-38737
IBM WebSphere Application Server Liberty 22.0.0.13 up to and including 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID:...
Ibm Websphere Application Server
7.5
CVSSv3
CVE-2024-22353
IBM WebSphere Application Server Liberty 17.0.0.3 up to and including 24.0.0.4 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: ...
Ibm Websphere Application Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »