Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm open liberty vulnerabilities and exploits
(subscribe to this query)
535
VMScore
CVE-2022-22476
IBM WebSphere Application Server Liberty 17.0.0.3 up to and including 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. IBM X-Force ID: 225604.
Ibm Websphere Application Server
Ibm Open Liberty
490
VMScore
CVE-2020-4421
IBM WebSphere Application Liberty 19.0.0.5 up to and including 20.0.0.4 could allow an authenticated user using openidconnect to spoof another users identify. IBM X-Force ID: 180084.
Ibm Websphere Application Server
446
VMScore
CVE-2020-10693
A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows malicious users to bypass input sanitation (escaping, stripping) controls that develope...
Redhat Hibernate Validator 7.0.0
Redhat Hibernate Validator
Ibm Websphere Application Server
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Jboss Enterprise Application Platform 7.3.0
Redhat Satellite Capsule 6.8
Redhat Satellite 6.8
Quarkus Quarkus
Oracle Weblogic Server 14.1.1.0.0
3 Github repositories
445
VMScore
CVE-2019-4720
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available memory. IBM X-Force ID: 172125.
Ibm Websphere Application Server
445
VMScore
CVE-2019-4441
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote malicious user to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 163177.
Ibm Websphere Application Server
383
VMScore
CVE-2020-4303
IBM WebSphere Application Server - Liberty 17.0.0.3 up to and including 20.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials dis...
Ibm Websphere Application Server
383
VMScore
CVE-2020-4304
IBM WebSphere Application Server - Liberty 17.0.0.3 up to and including 20.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials dis...
Ibm Websphere Application Server
357
VMScore
CVE-2022-22475
IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 up to and including 22.0.0.5 are vulnerable to identity spoofing by an authenticated user. IBM X-Force ID: 225603.
Ibm Websphere Application Server
Ibm Open Liberty
356
VMScore
CVE-2020-4329
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 up to and including 20.0.0.4 could allow a remote, authenticated malicious user to obtain sensitive information, caused by improper parameter checking. This could be exploited to conduct spoofing attacks. IB...
Ibm Websphere Application Server
312
VMScore
CVE-2019-4663
IBM WebSphere Application Server - Liberty is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM ...
Ibm Websphere Application Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started