Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
websphere application server vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2020-4276
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is vulnerable to a privilege escalation vulnerability when using token-based authentication in an admin request over the SOAP connector. X-Force ID: 175984.
Ibm Websphere Application Server
1 Github repository
4
CVSSv2
CVE-2019-4670
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to obtain sensitive information caused by improper data representation. IBM X-Force ID: 171319.
Ibm Websphere Application Server
6
CVSSv2
CVE-2020-4163
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, under specialized conditions, could allow an authenticated user to create a maliciously crafted file name which would be misinterpreted as jsp content and executed. IBM X-Force ID: 174397.
Ibm Websphere Application Server
6.9
CVSSv2
CVE-2019-4732
IBM SDK, Java Technology Edition Version 7.0.0.0 up to and including 7.0.10.55, 7.1.0.0 up to and including 7.1.4.55, and 8.0.0.0 up to and including 8.0.6.0 could allow a local authenticated malicious user to execute arbitrary code on the system, caused by DLL search order hijac...
Ibm Sdk
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
5
CVSSv2
CVE-2019-4720
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available memory. IBM X-Force ID: 172125.
Ibm Websphere Application Server
3.5
CVSSv2
CVE-2019-4663
IBM WebSphere Application Server - Liberty is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM ...
Ibm Websphere Application Server
5
CVSSv2
CVE-2019-4441
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote malicious user to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 163177.
Ibm Websphere Application Server
6.5
CVSSv2
CVE-2019-4304
IBM WebSphere Application Server - Liberty could allow a remote malicious user to bypass security restrictions caused by improper session validation. IBM X-Force ID: 160950.
Ibm Websphere Application Server
5
CVSSv2
CVE-2019-4305
IBM WebSphere Application Server Liberty could allow a remote malicious user to obtain sensitive information caused by the improper setting of a cookie. IBM X-Force ID: 160951.
Ibm Websphere Application Server
5
CVSSv2
CVE-2019-4505
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Network Deployment could allow a remote malicious user to obtain sensitive information, caused by sending a specially-crafted URL. This can lead the malicious user to view any file in a certain directory. IBM X-Force ID: 164...
Ibm Websphere Virtual Enterprise 7.0
Ibm Websphere Virtual Enterprise 8.0
Ibm Websphere Application Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »