Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
websphere application server vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2020-4534
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local authenticated malicious user to gain elevated privileges on the system, caused by improper handling of UNC paths. By scheduling a task with a specially-crafted UNC path, an attacker could exploit this vul...
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
641
VMScore
CVE-2013-3024
IBM WebSphere Application Server (WAS) 8.5 up to and including 8.5.0.2 on UNIX allows local users to gain privileges by leveraging improper process initialization. IBM X-Force ID: 84362.
Ibm Websphere Application Server
641
VMScore
CVE-2009-0436
The (1) mod_ibm_ssl and (2) mod_cgid modules in IBM HTTP Server 6.0.x prior to 6.0.2.31 and 6.1.x prior to 6.1.0.19, as used in WebSphere Application Server (WAS), set incorrect permissions for AF_UNIX sockets, which has unknown impact and local attack vectors.
Ibm Websphere Application Server 6.0.1.1
Ibm Websphere Application Server 6.0.2.27
Ibm Websphere Application Server 6.0.2
Ibm Websphere Application Server 6.0.2.2
Ibm Websphere Application Server 6.0.2.24
Ibm Websphere Application Server 6.0.2.23
Ibm Websphere Application Server 6.0.2.30
Ibm Websphere Application Server 6.0.2.4
Ibm Websphere Application Server 6.1.0.4
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.7
Ibm Websphere Application Server 6.1.0.13
Ibm Websphere Application Server 6.0.2.29
Ibm Websphere Application Server 6.0.2.28
Ibm Websphere Application Server 6.0.1.9
Ibm Websphere Application Server 6.0.1.7
Ibm Websphere Application Server 6.0.2.15
Ibm Websphere Application Server 6.0
Ibm Websphere Application Server 6.0.0.2
Ibm Websphere Application Server 6.0.0.3
Ibm Websphere Application Server 6.0.2.7
Ibm Websphere Application Server 6.0.2.9
641
VMScore
CVE-1999-0852
IBM WebSphere sets permissions that allow a local user to modify a deinstallation script or its data files stored in /usr/bin.
Ibm Websphere Application Server 3.0
632
VMScore
CVE-2014-4764
IBM WebSphere Application Server (WAS) 8.0.x prior to 8.0.0.10 and 8.5.x prior to 8.5.5.3, when Load Balancer for IPv4 Dispatcher is enabled, allows remote malicious users to cause a denial of service (Load Balancer crash) via unspecified vectors.
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 8.5.5.2
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.0.1
Ibm Websphere Application Server 8.0.0.6
Ibm Websphere Application Server 8.0.0.7
Ibm Websphere Application Server 8.0.0.3
Ibm Websphere Application Server 8.0.0.4
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 8.0.0.1
Ibm Websphere Application Server 8.0.0.2
Ibm Websphere Application Server 8.0.0.0
Ibm Websphere Application Server 8.0.0.8
Ibm Websphere Application Server 8.0.0.9
632
VMScore
CVE-2014-0964
IBM WebSphere Application Server (WAS) 6.1.0.0 up to and including 6.1.0.47 and 6.0.2.0 up to and including 6.0.2.43 allows remote malicious users to cause a denial of service via crafted TLS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool.
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.31
Ibm Websphere Application Server 6.1.0.33
Ibm Websphere Application Server 6.1.0.47
Ibm Websphere Application Server 6.1.0.5
Ibm Websphere Application Server 6.1.0.7
Ibm Websphere Application Server 6.1.0.13
Ibm Websphere Application Server 6.1.0.14
Ibm Websphere Application Server 6.1.0.25
Ibm Websphere Application Server 6.1.0.27
Ibm Websphere Application Server 6.1.0.39
Ibm Websphere Application Server 6.1.0.41
Ibm Websphere Application Server 6.1.0.15
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.29
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0.43
Ibm Websphere Application Server 6.1.0.45
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.11
614
VMScore
CVE-2019-4732
IBM SDK, Java Technology Edition Version 7.0.0.0 up to and including 7.0.10.55, 7.1.0.0 up to and including 7.1.4.55, and 8.0.0.0 up to and including 8.0.6.0 could allow a local authenticated malicious user to execute arbitrary code on the system, caused by DLL search order hijac...
Ibm Sdk
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
614
VMScore
CVE-2014-3020
install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 sets world-writable permissions for the installRoot directory tree, which allows local users to gain privileges via a Trojan horse program.
Ibm Embedded Websphere Application Server 7.0
Ibm Tivoli Integrated Portal 2.2
Ibm Tivoli Integrated Portal 2.1
605
VMScore
CVE-2019-4080
IBM WebSphere Application Server Admin Console 7.5, 8.0, 8.5, and 9.0 is vulnerable to a potential denial of service, caused by improper parameter parsing. A remote attacker could exploit this to consume all available CPU resources. IBM X-Force ID: 157380.
Ibm Websphere Application Server
605
VMScore
CVE-2018-1926
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious URL, a remote attacker could send a specially-crafted request. An att...
Ibm Websphere Application Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »