Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm content manager 8.5 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-1502
IBM Content Manager Enterprise Edition Resource Manager 8.4.3 and 9.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure wit...
Ibm Content Manager 8.4.3
Ibm Content Manager 8.5
6.1
CVSSv3
CVE-2017-1303
IBM WebSphere Portal and Web Content Manager 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure withi...
Ibm Websphere Portal 7.0
Ibm Websphere Portal 8.5
Ibm Websphere Portal 8.0
Ibm Websphere Portal 9.0
6.1
CVSSv3
CVE-2016-8922
Exphox WebRadar is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Ibm Web Content Manager Production Analytics 4.0
Ibm Websphere Portal 8.0
Ibm Websphere Portal 8.5
5.4
CVSSv3
CVE-2016-3056
Cross-site scripting (XSS) vulnerability in Business Space in IBM Business Process Manager 7.5 up to and including 7.5.1.2, 8.0 up to and including 8.0.1.3, and 8.5 prior to 8.5.7.0 CF2016.09 allows remote authenticated users to inject arbitrary web script or HTML via crafted con...
Ibm Business Process Manager 8.5.7.0
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.5.0.2
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 7.5.0.1
Ibm Business Process Manager 8.5.6.2
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.0.1.0
Ibm Business Process Manager 7.5.1.2
Ibm Business Process Manager 7.5.1.0
Ibm Business Process Manager 7.5.0.0
8.8
CVSSv3
CVE-2016-2901
Cross-site request forgery (CSRF) vulnerability in the PA_Theme_Creator application in IBM WebSphere Portal 8.5 CF08 through CF10 and Web Content Manager allows remote malicious users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Ibm Websphere Portal 8.5.0.0
Ibm Web Content Manager
3.7
CVSSv3
CVE-2015-4000
The TLS protocol 1.2 and previous versions, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle malicious users to conduct cipher-downgrade attacks by rewriting a ClientHello with D...
Openssl Openssl
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Hp Hp-ux B.11.31
Ibm Content Manager 8.5
Oracle Jrockit R28.3.6
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Oracle Jdk 1.8.0
Oracle Jre 1.7.0
Oracle Jre 1.6.0
Oracle Jre 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Suse Linux Enterprise Server 11.0
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Desktop 12
Suse Suse Linux Enterprise Server 12
Apple Mac Os X
Apple Iphone Os
1 Nmap script
4 Github repositories
1 Article
NA
CVE-2014-4759
An unspecified Ajax service in the Content Management toolkit in IBM Business Process Manager (BPM) 8.5.x up to and including 8.5.5 allows remote authenticated users to obtain sensitive information by performing a document-attachment search and then reading document properties in...
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.5.5.0
NA
CVE-2013-6329
IBM Global Security Kit (aka GSKit), as used in Content Manager OnDemand 8.5 and 9.0 and other products, allows remote malicious users to cause a denial of service via a crafted handshake during resumption of an SSLv2 session.
Ibm Security Access Manager For Web 6.1.1
Ibm Security Access Manager For Web 7.0
Ibm Content Manager Ondemand For Multiplatforms 9.0
Ibm Global Security Kit -
Ibm Content Manager Ondemand For Multiplatforms 8.5
Ibm Security Access Manager For Web 6.0
Ibm Security Access Manager For Web 6.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started