Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere application server 8.5 vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2021-20454
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 196649.
6.4
CVSSv2
CVE-2021-20453
IBM WebSphere Application Server 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 196648.
Ibm Websphere Application Server
6.4
CVSSv2
CVE-2021-20353
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 194882.
Ibm Websphere Application Server
6.4
CVSSv2
CVE-2020-4949
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192025.
Ibm Websphere Application Server
6.4
CVSSv2
CVE-2012-3305
Directory traversal vulnerability in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.47, 7.0 prior to 7.0.0.25, 8.0 prior to 8.0.0.5, and 8.5 prior to 8.5.0.1 allows remote malicious users to overwrite arbitrary files via a crafted application file.
Ibm Websphere Application Server 6.1.0
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0.15
Ibm Websphere Application Server 6.1.0.16
Ibm Websphere Application Server 6.1.0.22
Ibm Websphere Application Server 6.1.0.23
Ibm Websphere Application Server 6.1.0.24
Ibm Websphere Application Server 6.1.0.31
Ibm Websphere Application Server 6.1.0.32
Ibm Websphere Application Server 6.1.0.39
Ibm Websphere Application Server 6.1.0.4
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.10
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.18
Ibm Websphere Application Server 6.1.0.25
Ibm Websphere Application Server 6.1.0.26
Ibm Websphere Application Server 6.1.0.33
Ibm Websphere Application Server 6.1.0.34
Ibm Websphere Application Server 6.1.0.41
Ibm Websphere Application Server 6.1.0.42
Ibm Websphere Application Server 6.1.0.11
6
CVSSv2
CVE-2020-4276
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is vulnerable to a privilege escalation vulnerability when using token-based authentication in an admin request over the SOAP connector. X-Force ID: 175984.
Ibm Websphere Application Server
1 Github repository
6
CVSSv2
CVE-2020-4163
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, under specialized conditions, could allow an authenticated user to create a maliciously crafted file name which would be misinterpreted as jsp content and executed. IBM X-Force ID: 174397.
Ibm Websphere Application Server
6
CVSSv2
CVE-2015-1936
The administrative console in IBM WebSphere Application Server (WAS) 8.0.0 prior to 8.0.0.11 and 8.5 prior to 8.5.5.6, when the Security feature is disabled, allows remote authenticated users to hijack sessions via the JSESSIONID parameter.
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 8.0.0.6
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 8.0.0.3
Ibm Websphere Application Server 8.0.0.4
Ibm Websphere Application Server 8.5.0.1
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 8.0.0.0
Ibm Websphere Application Server 8.0.0.1
Ibm Websphere Application Server 8.0.0.7
Ibm Websphere Application Server 8.0.0.8
Ibm Websphere Application Server 8.5.5.2
Ibm Websphere Application Server 8.5.5.3
Ibm Websphere Application Server 8.5.5.4
Ibm Websphere Application Server 8.0.0.10
Ibm Websphere Application Server 8.0.0.2
Ibm Websphere Application Server 8.0.0.9
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.5.5
6
CVSSv2
CVE-2014-4816
Cross-site request forgery (CSRF) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.x up to and including 6.1.0.47, 7.0 prior to 7.0.0.35, 8.0 prior to 8.0.0.10, and 8.5 prior to 8.5.5.4 allows remote authenticated users to hijack the authent...
Ibm Websphere Application Server 6.0.1
Ibm Websphere Application Server 6.0.1.1
Ibm Websphere Application Server 6.0.1.5
Ibm Websphere Application Server 6.0.1.7
Ibm Websphere Application Server 6.0.1.9
Ibm Websphere Application Server 6.0.2.19
Ibm Websphere Application Server 6.0.2.2
Ibm Websphere Application Server 6.0.2.29
Ibm Websphere Application Server 6.0.2.3
Ibm Websphere Application Server 6.0.2.4
Ibm Websphere Application Server 6.0.2.41
Ibm Websphere Application Server 6.1.0
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.31
Ibm Websphere Application Server 6.1.0.33
Ibm Websphere Application Server 6.1.0.47
Ibm Websphere Application Server 6.1.0.5
Ibm Websphere Application Server 7.0.0.12
Ibm Websphere Application Server 7.0.0.13
Ibm Websphere Application Server 7.0.0.21
6
CVSSv2
CVE-2012-3325
IBM WebSphere Application Server (WAS) 6.1.x prior to 6.1.0.45, 7.0.x prior to 7.0.0.25, 8.0.x prior to 8.0.0.5, and 8.5.x Full Profile prior to 8.5.0.1, when the PM44303 fix is installed, does not properly validate credentials, which allows remote authenticated users to obtain a...
Ibm Websphere Application Server 6.1.13
Ibm Websphere Application Server 6.1.0.23
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.25
Ibm Websphere Application Server 6.1.0
Ibm Websphere Application Server 6.1.0.43
Ibm Websphere Application Server 6.1.0.39
Ibm Websphere Application Server 6.1.0.37
Ibm Websphere Application Server 6.1.0.21
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0.29
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0.15
Ibm Websphere Application Server 6.1.0.27
Ibm Websphere Application Server 6.1.0.41
Ibm Websphere Application Server 6.1.14
Ibm Websphere Application Server 6.1.0.35
Ibm Websphere Application Server 6.1.0.11
Ibm Websphere Application Server 6.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »