Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere application server vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2006-5324
The Web Services Notification (WSN) security component of IBM WebSphere Application Server prior to 6.1.0.2 allows malicious users to obtain unspecified access without supplying a username and password, aka PK28374.
Ibm Websphere Application Server
668
VMScore
CVE-2006-4136
Multiple unspecified vulnerabilities in IBM WebSphere Application Server prior to 6.1.0.1 have unspecified impact and attack vectors involving (1) "SOAP requests and responses", (2) mbean, (3) ThreadIdentitySupport, and possibly others.
Ibm Websphere Application Server 6.0.1
Ibm Websphere Application Server 6.0.1.2
Ibm Websphere Application Server 6.0.2.6
Ibm Websphere Application Server 6.0.2.7
Ibm Websphere Application Server 6.0
Ibm Websphere Application Server 6.0.0.1
Ibm Websphere Application Server 6.0.2.2
Ibm Websphere Application Server 6.0.2.3
Ibm Websphere Application Server 6.0.0.2
Ibm Websphere Application Server 6.0.0.3
Ibm Websphere Application Server 6.0.2.4
Ibm Websphere Application Server 6.0.2.5
Ibm Websphere Application Server 6.0.2
Ibm Websphere Application Server 6.0.2.1
Ibm Websphere Application Server 6.0.2.9
Ibm Websphere Application Server
668
VMScore
CVE-2006-2436
WebSphere Application Server 5.0.2 (or any earlier cumulative fix) stores admin and LDAP passwords in plaintext in the FFDC logs when a login to WebSphere fails, which allows malicious users to gain privileges.
Ibm Websphere Application Server 5.0.0
Ibm Websphere Application Server 5.0.1
Ibm Websphere Application Server 5.0.2
668
VMScore
CVE-2006-2432
IBM WebSphere Application Server 5.0.2 (or any earlier cumulative fix) and 5.1.1 (or any earlier cumulative fix) allows EJB access on Solaris systems via a crafted LTPA token.
Ibm Websphere Application Server 5.0.0
Ibm Websphere Application Server 5.0.1
Ibm Websphere Application Server 5.0.2
Ibm Websphere Application Server 5.1.0
Ibm Websphere Application Server 5.1.1
668
VMScore
CVE-2006-2342
IBM WebSphere Application Server 6.0.2 before FixPack 3 allows remote malicious users to bypass authentication for the Welcome Page via a request to the default context root.
Ibm Websphere Application Server 6.0.2
668
VMScore
CVE-2005-1872
Buffer overflow in the administrative console in IBM WebSphere Application Server 5.x, when the global security option is enabled, allows remote malicious users to execute arbitrary code.
Ibm Websphere Application Server 5.0
668
VMScore
CVE-2001-0824
Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote malicious users to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javascript into an error ...
Ibm Websphere Application Server 3.0.2
Ibm Websphere Application Server 3.5
668
VMScore
CVE-2001-0962
IBM WebSphere Application Server 3.02 up to and including 3.53 uses predictable session IDs for cookies, which allows remote malicious users to gain privileges of WebSphere users via brute force guessing.
Ibm Websphere Commerce Suite 3.2
Ibm Websphere Application Server
Ibm Websphere Commerce Suite 3.1.2
641
VMScore
CVE-2020-4534
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local authenticated malicious user to gain elevated privileges on the system, caused by improper handling of UNC paths. By scheduling a task with a specially-crafted UNC path, an attacker could exploit this vul...
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
641
VMScore
CVE-2013-3024
IBM WebSphere Application Server (WAS) 8.5 up to and including 8.5.0.2 on UNIX allows local users to gain privileges by leveraging improper process initialization. IBM X-Force ID: 84362.
Ibm Websphere Application Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »