Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
websphere application server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-43917
IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an malicious user to decrypt sensitive information. This affects only the containerized version of WebSphere Application Server traditional. IBM X-For...
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
7.5
CVSSv3
CVE-2021-38951
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available CPU resources. IBM X-Force ID: 211405.
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
7.5
CVSSv3
CVE-2021-20354
IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote malicious user to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 194883.
Ibm Websphere Application Server
7.5
CVSSv3
CVE-2020-4576
IBM WebSphere Application Server 7.5, 8.0, 8.5, and 9.0 traditional could allow a remote malicious user to obtain sensitive information with a specially-crafted sequence of serialized objects. IBM X-Force ID: 184428.
Ibm Websphere Application Server
7.5
CVSSv3
CVE-2020-4643
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information. IBM X-Force ID: 185590.
Ibm Websphere Application Server
7.5
CVSSv3
CVE-2020-4449
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote malicious user to obtain sensitive information with a specially-crafted sequence of serialized objects. IBM X-Force ID: 181230.
Ibm Websphere Application Server
7.5
CVSSv3
CVE-2020-4276
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is vulnerable to a privilege escalation vulnerability when using token-based authentication in an admin request over the SOAP connector. X-Force ID: 175984.
Ibm Websphere Application Server
1 Github repository
7.5
CVSSv3
CVE-2019-4720
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available memory. IBM X-Force ID: 172125.
Ibm Websphere Application Server
7.5
CVSSv3
CVE-2019-4269
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console could allow a remote malicious user to obtain sensitive information when a specially crafted url causes a stack trace to be dumped. IBM X-Force ID: 160202.
Ibm Websphere Application Server
7.5
CVSSv3
CVE-2019-4046
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by improper handling of request headers. A remote attacker could exploit this vulnerability to cause the consumption of Memory. IBM X-Force ID: 156242.
Ibm Websphere Application Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »