Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere process server vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2013-3024
IBM WebSphere Application Server (WAS) 8.5 up to and including 8.5.0.2 on UNIX allows local users to gain privileges by leveraging improper process initialization. IBM X-Force ID: 84362.
Ibm Websphere Application Server
6.4
CVSSv2
CVE-2009-0904
The IBM Stax XMLStreamWriter in the Web Services component in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.25 does not properly process XML encoding, which allows remote malicious users to bypass intended access restrictions and possibly modify data via "XML fuz...
Ibm Websphere Application Server 6.1.0.21
Ibm Websphere Application Server 6.1
Ibm Websphere Application Server 6.1.0.22
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.4
Ibm Websphere Application Server 6.1.14
Ibm Websphere Application Server 6.1.0.11
Ibm Websphere Application Server 6.1.0.14
Ibm Websphere Application Server 6.1.0.20
Ibm Websphere Application Server 6.1.0.9
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.13
Ibm Websphere Application Server 6.1.0.7
Ibm Websphere Application Server 6.1.1
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.13
Ibm Websphere Application Server 6.1.0.16
Ibm Websphere Application Server 6.1.0.6
Ibm Websphere Application Server 6.1.0.10
Ibm Websphere Application Server 6.1.0.8
6
CVSSv2
CVE-2018-1701
IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the installation process that would execute on the WebSphere Application Server. IBM X-Force ID: 145970.
Ibm Infosphere Information Server 11.7
Ibm Infosphere Information Server On Cloud 11.7
5
CVSSv2
CVE-2020-10693
A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows malicious users to bypass input sanitation (escaping, stripping) controls that develope...
Redhat Hibernate Validator 7.0.0
Redhat Hibernate Validator
Ibm Websphere Application Server
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Jboss Enterprise Application Platform 7.3.0
Redhat Satellite Capsule 6.8
Redhat Satellite 6.8
Quarkus Quarkus
Oracle Weblogic Server 14.1.1.0.0
3 Github repositories
5
CVSSv2
CVE-2016-9879
An issue exists in Pivotal Spring Security prior to 3.2.10, 4.1.x prior to 4.1.4, and 4.2.x prior to 4.2.1. Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded "/" to a request, an at...
Vmware Spring Security 4.2.0
Vmware Spring Security 4.1.1
Vmware Spring Security 4.1.0
Vmware Spring Security 4.1.2
Vmware Spring Security 3.2.7
Vmware Spring Security 3.2.8
Vmware Spring Security 4.1.3
Vmware Spring Security 3.2.9
Vmware Spring Security 3.2.6
Vmware Spring Security 3.2.1
Vmware Spring Security 3.2.3
Vmware Spring Security 3.2.0
Vmware Spring Security 3.2.5
Vmware Spring Security 3.2.4
Vmware Spring Security 3.2.2
Ibm Websphere Application Server 8.5.5.6
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 8.5.5.8
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.5.5
Ibm Websphere Application Server 8.5.5.9
5
CVSSv2
CVE-2010-3700
VMware SpringSource Spring Security 2.x prior to 2.0.6 and 3.x prior to 3.0.4, and Acegi Security 1.0.0 up to and including 1.0.7, as used in IBM WebSphere Application Server (WAS) 6.1 and 7.0, allows remote malicious users to bypass security constraints via a path parameter.
Acegisecurity Acegi-security 1.0.0
Acegisecurity Acegi-security 1.0.1
Acegisecurity Acegi-security 1.0.2
Acegisecurity Acegi-security 1.0.3
Acegisecurity Acegi-security 1.0.4
Acegisecurity Acegi-security 1.0.5
Acegisecurity Acegi-security 1.0.6
Acegisecurity Acegi-security 1.0.7
Vmware Springsource Spring Security 2.0.0
Vmware Springsource Spring Security 2.0.1
Vmware Springsource Spring Security 2.0.2
Vmware Springsource Spring Security 2.0.3
Vmware Springsource Spring Security 2.0.4
Vmware Springsource Spring Security 2.0.5
Vmware Springsource Spring Security 3.0.0
Vmware Springsource Spring Security 3.0.1
Vmware Springsource Spring Security 3.0.2
Vmware Springsource Spring Security 3.0.3
Ibm Websphere Application Server 6.1
Ibm Websphere Application Server 7.0
5
CVSSv2
CVE-2009-0432
The installation process for the File Transfer servlet in the System Management/Repository component in IBM WebSphere Application Server (WAS) 6.1.x prior to 6.1.0.19 does not enable the secure version, which allows remote malicious users to obtain sensitive information via unspe...
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.11
Ibm Websphere Application Server 6.1.0.9
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.7
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.13
Ibm Websphere Application Server 6.1.0.15
Ibm Websphere Application Server 6.1.0.5
4.9
CVSSv2
CVE-2015-7441
Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and Business Process Manager Advanced 7.5 up to and including 7.5.1.2, 8.0 up to and including 8.0.1.3, 8.5.0 up to and including 8.5.0.2, 8.5.5 up to and including 8.5.5.0, and 8.5.6 up to and including 8.5.6.2 does ...
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.6.1
Ibm Business Process Manager 7.5.0.0
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 8.0.1.3
Ibm Websphere Process Server 7.0
Ibm Business Process Manager 7.5.1.0
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 8.5.6.2
Ibm Business Process Manager 7.5.0.1
Ibm Business Process Manager 8.5.6.0
Ibm Business Process Manager 8.0.1.0
Ibm Business Process Manager 7.5.1.2
Ibm Business Process Manager 8.0.1.1
4.3
CVSSv2
CVE-2015-0106
Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x up to and including 7.5.1.2, 8.0 up to and including 8.0.1.3, 8.5.0 up to and including 8.5.0.1, and 8.5.5 up to and including 8.5.5.0 and WebSphere Lombardi Edition (WLE) 7.2.x up to and includi...
Ibm Websphere Application Server 7.2.0.3
Ibm Websphere Application Server 7.1
Ibm Websphere Application Server 7.2.0.1
Ibm Websphere Application Server 7.2
Ibm Websphere Application Server 7.2.0.2
Ibm Websphere Application Server 7.2.0.5
Ibm Websphere Application Server 7.2.0.4
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 7.5.0.0
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 7.5.1.0
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 7.5.0.1
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.0.1.0
Ibm Business Process Manager 7.5.1.2
Ibm Business Process Manager 8.0.1.1
4.3
CVSSv2
CVE-2014-6176
IBM WebSphere Process Server 7.0, WebSphere Enterprise Service Bus 7.0, and Business Process Manager Advanced 7.5.x up to and including 7.5.1.2, 8.0.x up to and including 8.0.1.3, and 8.5.x up to and including 8.5.5 disregard the SSL setting in the SCA module HTTP import binding ...
Ibm Business Process Manager 8.5.5.0
Ibm Business Process Manager 8.5.0.1
Ibm Business Process Manager 8.0.1.3
Ibm Business Process Manager 7.5.0.0
Ibm Business Process Manager 7.5.1.0
Ibm Business Process Manager 7.5.0.1
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.0.1.2
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.0.1.1
Ibm Business Process Manager 8.0.1.0
Ibm Websphere Enterprise Service Bus 7.0
Ibm Websphere Process Server 7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »