Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere application server liberty vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-0378
IBM WebSphere Application Server (WAS) Liberty prior to 16.0.0.3, when the installation lacks a default error page, allows remote malicious users to obtain sensitive information by triggering an exception.
Ibm Websphere Application Server
4.3
CVSSv2
CVE-2016-2960
IBM WebSphere Application Server (WAS) 7.x prior to 7.0.0.43, 8.0.0.x prior to 8.0.0.13, 8.5.0.x prior to 8.5.5.10, 8.5.0.x and 16.0.0.x Liberty before Liberty Fix Pack 16.0.0.3, and 9.0.0.x prior to 9.0.0.1 allows remote malicious users to cause a denial of service via crafted S...
Ibm Websphere Application Server 7.0.0.14
Ibm Websphere Application Server 8.5.5.6
Ibm Websphere Application Server 7.0.0.12
Ibm Websphere Application Server 7.0.0.2
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 7.0.0.37
Ibm Websphere Application Server 7.0.0.31
Ibm Websphere Application Server 7.0.0.24
Ibm Websphere Application Server 7.0.0.25
Ibm Websphere Application Server 7.0.0.33
Ibm Websphere Application Server 7.0.0.5
Ibm Websphere Application Server 7.0.0.18
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 7.0.0.15
Ibm Websphere Application Server 8.0.0.11
Ibm Websphere Application Server 8.5.5.8
Ibm Websphere Application Server 7.0.0.23
Ibm Websphere Application Server 7.0.0.38
Ibm Websphere Application Server 8.0.0.7
Ibm Websphere Application Server 7.0.0.9
Ibm Websphere Application Server 7.0.0.4
Ibm Websphere Application Server 7.0.0.11
4.3
CVSSv2
CVE-2016-0359
CRLF injection vulnerability in IBM WebSphere Application Server (WAS) 7.0 prior to 7.0.0.43, 8.0 prior to 8.0.0.13, 8.5 Full prior to 8.5.5.10, and 8.5 Liberty before Liberty Fix Pack 16.0.0.2 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP respon...
Ibm Websphere Application Server 7.0.0.14
Ibm Websphere Application Server 8.5.5.6
Ibm Websphere Application Server 7.0.0.12
Ibm Websphere Application Server 7.0.0.2
Ibm Websphere Application Server 7.0.0.37
Ibm Websphere Application Server 7.0.0.31
Ibm Websphere Application Server 7.0.0.24
Ibm Websphere Application Server 7.0.0.25
Ibm Websphere Application Server 7.0.0.33
Ibm Websphere Application Server 7.0.0.5
Ibm Websphere Application Server 7.0.0.18
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 7.0.0.15
Ibm Websphere Application Server 8.0.0.11
Ibm Websphere Application Server 8.5.5.8
Ibm Websphere Application Server 7.0.0.23
Ibm Websphere Application Server 7.0.0.38
Ibm Websphere Application Server 8.0.0.7
Ibm Websphere Application Server 7.0.0.9
Ibm Websphere Application Server 7.0.0.4
Ibm Websphere Application Server 7.0.0.11
Ibm Websphere Application Server 7.0.0.32
4.3
CVSSv2
CVE-2016-0283
Cross-site scripting (XSS) vulnerability in the OpenID Connect (OIDC) client web application in IBM WebSphere Application Server (WAS) Liberty Profile 8.5.5 prior to 8.5.5.9 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Ibm Websphere Application Server 8.5.5.7
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 8.5.5.6
Ibm Websphere Application Server 8.5.5.4
Ibm Websphere Application Server 8.5.5.5
Ibm Websphere Application Server 8.5.5.3
Ibm Websphere Application Server 8.5.5.8
Ibm Websphere Application Server 8.5.5.2
4.3
CVSSv2
CVE-2014-0896
IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x prior to 8.5.5.2 allows remote malicious users to obtain sensitive information via a crafted request.
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.0.1
4.3
CVSSv2
CVE-2013-4006
IBM WebSphere Application Server (WAS) Liberty Profile 8.5 prior to 8.5.5.1 uses weak permissions for unspecified files, which allows local users to obtain sensitive information via standard filesystem operations.
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.0.1
4.3
CVSSv2
CVE-2012-4851
Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server 8.5 Liberty Profile prior to 8.5.0.1 allows remote malicious users to inject arbitrary web script or HTML via a crafted URI.
Ibm Websphere Application Server
4
CVSSv2
CVE-2022-22475
IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 up to and including 22.0.0.5 are vulnerable to identity spoofing by an authenticated user. IBM X-Force ID: 225603.
Ibm Websphere Application Server
Ibm Open Liberty
4
CVSSv2
CVE-2020-4590
IBM WebSphere Application Server Liberty 17.0.0.3 up to and including 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client. IBM X-Force ID: 184650.
Ibm Websphere Application Server
4
CVSSv2
CVE-2020-4466
IBM MQ for HPE NonStop 8.0.4 and 8.1.0 could allow a remote authenticated attacker could cause a denial of service due to an error within the Queue processing function. IBM X-Force ID: 181563.
Ibm Mq For Hpe Nonstop 8.0.4
Ibm Mq For Hpe Nonstop 8.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »