Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere application server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-4347
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could be subject to attacks based on privilege escalation due to inappropriate file permissions for files used by WebSphere Application Server Network Deployment. IBM X-Force ID: 178412.
Ibm Infosphere Information Server 11.3
Ibm Infosphere Information Server 11.5
Ibm Infosphere Information Server 11.7
7.5
CVSSv2
CVE-2019-8352
By default, BMC PATROL Agent up to and including 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network to managed PATROL Agent services. If an attacker were able to capture this network traffic, they could decrypt these credentials ...
Bmc Patrol Agent
1 EDB exploit
7.5
CVSSv2
CVE-2018-1904
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote malicious users to execute arbitrary Java code through an administrative client class with a serialized object from untrusted sources. IBM X-Force ID: 152533.
Ibm Websphere Application Server
7.5
CVSSv2
CVE-2018-1851
IBM WebSphere Application Server Liberty OpenID Connect could allow a remote malicious user to execute arbitrary code on the system, caused by improper deserialization. By sending a specially-crafted request to the RP service, an attacker could exploit this vulnerability to execu...
Ibm Websphere Application Server
7.5
CVSSv2
CVE-2018-1567
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote malicious users to execute arbitrary Java code through the SOAP connector with a serialized object from untrusted sources. IBM X-Force ID: 143024.
Ibm Websphere Application Server
1 Article
7.5
CVSSv2
CVE-2011-4889
The javax.naming.directory.AttributeInUseException class in the Virtual Member Manager in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.43, 7.0 prior to 7.0.0.21, and 8.0 prior to 8.0.0.2 does not properly update passwords on a configuration using Tivoli Directory Ser...
Ibm Websphere Application Server
7.5
CVSSv2
CVE-2012-4850
IBM WebSphere Application Server 8.5 Liberty Profile prior to 8.5.0.1, when JAX-RS is used, does not properly validate requests, which allows remote malicious users to gain privileges via unspecified vectors.
Ibm Websphere Application Server 8.5.0.0
7.5
CVSSv2
CVE-2011-1309
The Plug-in component in IBM WebSphere Application Server (WAS) prior to 7.0.0.15 does not properly handle trace requests, which has unspecified impact and attack vectors.
Ibm Websphere Application Server 7.0.0.11
Ibm Websphere Application Server 7.0.0.1
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 6.0.2.30
Ibm Websphere Application Server 6.0.2.29
Ibm Websphere Application Server 6.0.2.4
Ibm Websphere Application Server 6.0.2.9
Ibm Websphere Application Server 6.0.2
Ibm Websphere Application Server 6.0.2.19
Ibm Websphere Application Server 6.0.1
Ibm Websphere Application Server 6.0.0.2
Ibm Websphere Application Server 5.1.1.7
Ibm Websphere Application Server 5.1.1.5
Ibm Websphere Application Server 6.0.1.17
Ibm Websphere Application Server 5.1.0.2
Ibm Websphere Application Server 5.0.2.8
Ibm Websphere Application Server 5.0.2.2
Ibm Websphere Application Server 5.0.2.16
Ibm Websphere Application Server 5.0.2.10
Ibm Websphere Application Server 6.0.1.3
Ibm Websphere Application Server 6.0.1.1
Ibm Websphere Application Server 4.0.2
7.5
CVSSv2
CVE-2010-1632
Apache Axis2 prior to 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 up to and including 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 up to and including 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geroni...
Apache Axis2 1.4
Apache Axis2 1.3
Apache Axis2 1.4.1
Apache Axis2 1.5
Apache Axis2
7.5
CVSSv2
CVE-2010-2324
IBM WebSphere Application Server (WAS) 7.0 prior to 7.0.0.11 on z/OS allows malicious users to perform unspecified "link injection" actions via unknown vectors.
Ibm Websphere Application Server
Ibm Websphere Application Server 7.0.0.4
Ibm Websphere Application Server 7.0.0.5
Ibm Websphere Application Server 7.0.0.3
Ibm Websphere Application Server 7.0.0.6
Ibm Websphere Application Server 7.0.0.8
Ibm Websphere Application Server 7.0.0.7
Ibm Websphere Application Server 7.0.0.9
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 7.0.0.1
Ibm Websphere Application Server 7.0.0.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »