Vulmon
ibm websphere application server liberty vulnerabilities and exploits
6.5
CVSSv3
CVE-2022-22393
IBM WebSphere Application Server Liberty 17.0.0.3 up to and including 22.0.0.5, with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ...
Ibm Websphere Application Server
8.2
CVSSv3
CVE-2021-20492
IBM WebSphere Application Server 8.0, 8.5, 9.0, and Liberty Java Batch is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Fo...
Ibm Websphere Application Server
8.8
CVSSv3
CVE-2021-39031
IBM WebSphere Application Server - Liberty 17.0.0.3 up to and including 22.0.0.1 could allow a remote authenticated malicious user to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability and could result in granting perm...
Ibm Websphere Application Server
9.8
CVSSv3
CVE-2018-1851
IBM WebSphere Application Server Liberty OpenID Connect could allow a remote malicious user to execute arbitrary code on the system, caused by improper deserialization. By sending a specially-crafted request to the RP service, an attacker could exploit this vulnerability to execu...
Ibm Websphere Application Server
5.4
CVSSv3
CVE-2019-4285
IBM WebSphere Application Server - Liberty Admin Center could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could send a specially-crafted HTTP request to hijack the victim's...
Ibm Websphere Application Server -
5.4
CVSSv3
CVE-2021-39038
IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 up to and including 22.0.0.2 could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could e...
Ibm Websphere Application Server
NA
CVE-2012-4850
IBM WebSphere Application Server 8.5 Liberty Profile prior to 8.5.0.1, when JAX-RS is used, does not properly validate requests, which allows remote malicious users to gain privileges via unspecified vectors.
Ibm Websphere Application Server 8.5.0.0
3.3
CVSSv3
CVE-2017-1681
IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.15) could allow a local malicious user to obtain sensitive information, caused by improper handling of application requests, which could allow unauthorized access to read a file. IBM X-Force ID: 134003.
Ibm Liberty
7.5
CVSSv3
CVE-2017-1583
IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.13) could allow a remote malicious user to obtain sensitive information caused by improper error handling by MyFaces in JSF.
Ibm Liberty 3.13
5.3
CVSSv3
CVE-2020-10693
A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows malicious users to bypass input sanitation (escaping, stripping) controls that develope...
Redhat Hibernate Validator 7.0.0
Redhat Hibernate Validator
Ibm Websphere Application Server
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Jboss Enterprise Application Platform 7.3.0
Redhat Satellite Capsule 6.8
Redhat Satellite 6.8
Quarkus Quarkus
Oracle Weblogic Server 14.1.1.0.0
3 Github repositories