Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
websphere application server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-1632
Apache Axis2 prior to 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 up to and including 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 up to and including 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geroni...
Apache Axis2 1.4
Apache Axis2 1.3
Apache Axis2 1.4.1
Apache Axis2 1.5
Apache Axis2
7.5
CVSSv2
CVE-2010-2324
IBM WebSphere Application Server (WAS) 7.0 prior to 7.0.0.11 on z/OS allows malicious users to perform unspecified "link injection" actions via unknown vectors.
Ibm Websphere Application Server
Ibm Websphere Application Server 7.0.0.4
Ibm Websphere Application Server 7.0.0.5
Ibm Websphere Application Server 7.0.0.3
Ibm Websphere Application Server 7.0.0.6
Ibm Websphere Application Server 7.0.0.8
Ibm Websphere Application Server 7.0.0.7
Ibm Websphere Application Server 7.0.0.9
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 7.0.0.1
Ibm Websphere Application Server 7.0.0.2
7.5
CVSSv2
CVE-2010-1182
Multiple unspecified vulnerabilities in the administrative console in IBM WebSphere Application Server (WAS) 7.0.x prior to 7.0.0.9 on z/OS have unknown impact and attack vectors.
Ibm Websphere Application Server 7.0.0.7
Ibm Websphere Application Server 7.0.0.8
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 7.0.0.1
Ibm Websphere Application Server 7.0.0.2
Ibm Websphere Application Server 7.0.0.4
Ibm Websphere Application Server 7.0.0.6
Ibm Websphere Application Server 7.0.0.3
Ibm Websphere Application Server 7.0.0.5
7.5
CVSSv2
CVE-2009-2085
The Security component in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.25 and 7.0 prior to 7.0.0.5 does not properly handle use of Identity Assertion with CSIv2 Security, which allows remote malicious users to bypass intended CSIv2 access restrictions via vectors inv...
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.24
Ibm Websphere Application Server 6.1.0.23
Ibm Websphere Application Server 6.1.0.15
Ibm Websphere Application Server 6.1.0.7
Ibm Websphere Application Server 6.1.0.13
Ibm Websphere Application Server 6.1.0.12
Ibm Websphere Application Server 6.1
Ibm Websphere Application Server 6.1.0.4
Ibm Websphere Application Server 6.1.0.21
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0
Ibm Websphere Application Server 7.0.0.4
Ibm Websphere Application Server 7.0.0.3
Ibm Websphere Application Server 6.1.0.8
Ibm Websphere Application Server 6.1.0.6
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.16
Ibm Websphere Application Server 6.1.0.14
Ibm Websphere Application Server 6.1.0.17
7.5
CVSSv2
CVE-2009-2088
The Servlet Engine/Web Container component in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.25 and 7.0 prior to 7.0.0.5, when SPNEGO Single Sign-on (SSO) and disableSecurityPreInvokeOnFilters are configured, allows remote malicious users to bypass authentication via a...
Ibm Websphere Application Server 6.1.0.21
Ibm Websphere Application Server 6.1.0.20
Ibm Websphere Application Server 6.1.0.10
Ibm Websphere Application Server 6.1.0.5
Ibm Websphere Application Server 6.1.0
Ibm Websphere Application Server 6.1.0.9
Ibm Websphere Application Server 7.0.0.3
Ibm Websphere Application Server 7.0.0.1
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.8
Ibm Websphere Application Server 6.1.0.23
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.16
Ibm Websphere Application Server 6.1.0.13
Ibm Websphere Application Server 6.1.0.14
Ibm Websphere Application Server 6.1
Ibm Websphere Application Server 6.1.0.18
Ibm Websphere Application Server 6.1.0.22
Ibm Websphere Application Server 6.1.0.24
Ibm Websphere Application Server 6.1.0.15
Ibm Websphere Application Server 6.1.0.7
Ibm Websphere Application Server 6.1.0.11
7.5
CVSSv2
CVE-2009-2092
IBM WebSphere Application Server (WAS) 7.0 prior to 7.0.0.5 does not properly read the portletServingEnabled parameter in ibm-portlet-ext.xmi, which allows remote malicious users to bypass intended access restrictions via unknown vectors.
Ibm Websphere Application Server 7.0.0.1
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 7.0.0.4
Ibm Websphere Application Server 7.0.0.3
7.5
CVSSv2
CVE-2009-0903
IBM WebSphere Application Server (WAS) 7.0 prior to 7.0.0.3, and the Feature Pack for Web Services for WAS 6.1 prior to 6.1.0.25, when a WS-Security policy is established at the operation level, does not properly handle inbound requests that lack a SOAPAction or WS-Addressing Act...
Ibm Websphere Application Server 6.1.0.4
Ibm Websphere Application Server 6.1.0.21
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0.10
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0
Ibm Websphere Application Server 7.0.0.1
Ibm Websphere Application Server 6.1.0.8
Ibm Websphere Application Server 6.1.0.6
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.16
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.14
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.18
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 6.1.0.20
Ibm Websphere Application Server 6.1.0.22
Ibm Websphere Application Server 6.1.0.5
Ibm Websphere Application Server 6.1.0.15
Ibm Websphere Application Server 6.1.0.9
Ibm Websphere Application Server 6.1.0.11
7.5
CVSSv2
CVE-2009-0508
The Servlet Engine/Web Container and JSP components in IBM WebSphere Application Server (WAS) 5.1.0, 5.1.1.19, 6.0.2 prior to 6.0.2.35, 6.1 prior to 6.1.0.23, and 7.0 prior to 7.0.0.3 allow remote malicious users to read arbitrary files contained in war files in (1) web-inf, (2) ...
Ibm Websphere Application Server 6.0.2.1
Ibm Websphere Application Server 6.0.2.3
Ibm Websphere Application Server 6.0.2.19
Ibm Websphere Application Server 6.0.2.21
Ibm Websphere Application Server 6.1
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.15
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.0.2.5
Ibm Websphere Application Server 6.0.2.7
Ibm Websphere Application Server 6.0.2.23
Ibm Websphere Application Server 6.0.2.25
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.21
Ibm Websphere Application Server 5.1.0
Ibm Websphere Application Server 5.1.1.19
Ibm Websphere Application Server 6.0.2
Ibm Websphere Application Server 6.0.2.15
Ibm Websphere Application Server 6.0.2.17
Ibm Websphere Application Server 6.0.2.29
7.5
CVSSv2
CVE-2007-4839
Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK33803.
Ibm Websphere Application Server 6.1.0.9
7.5
CVSSv2
CVE-2007-1945
Unspecified vulnerability in the Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) prior to 6.1.0.7 has unknown impact and attack vectors.
Ibm Websphere Application Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »