Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
websphere application server vulnerabilities and exploits
(subscribe to this query)
802
VMScore
CVE-2020-4464
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote malicious user to execute arbitrary code on a system with a specially-crafted sequence of serialized objects over the SOAP connector. IBM X-Force ID: 181489.
Ibm Websphere Application Server
2 Github repositories
801
VMScore
CVE-2015-4947
Stack-based buffer overflow in the Administration Server in IBM HTTP Server 6.1.0.x up to and including 6.1.0.47, 7.0.0.x prior to 7.0.0.39, 8.0.0.x prior to 8.0.0.12, and 8.5.x prior to 8.5.5.7, as used in WebSphere Application Server and other products, allows remote authentica...
Ibm Http Server
756
VMScore
CVE-2015-1882
Multiple race conditions in IBM WebSphere Application Server (WAS) 8.5 Liberty Profile prior to 8.5.5.5 allow remote authenticated users to gain privileges by leveraging thread conflicts that result in Java code execution outside the context of the configured EJB Run-as user.
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 8.5.5.2
Ibm Websphere Application Server 8.5.5.3
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 8.5.5.4
Ibm Websphere Application Server 8.5.0.1
755
VMScore
CVE-2019-8352
By default, BMC PATROL Agent up to and including 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network to managed PATROL Agent services. If an attacker were able to capture this network traffic, they could decrypt these credentials ...
Bmc Patrol Agent
1 EDB exploit
694
VMScore
CVE-2021-20354
IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote malicious user to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 194883.
Ibm Websphere Application Server
694
VMScore
CVE-2016-9692
IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP r...
Ibm Websphere Cast Iron Solution 7.5.0.1
Ibm Websphere Cast Iron Solution 7.0.0.2
Ibm Websphere Cast Iron Solution 7.0.0.1
Ibm Websphere Cast Iron Solution 7.0.0
Ibm Websphere Cast Iron Solution 7.5.1.0
Ibm Websphere Cast Iron Solution 7.5.0.0
694
VMScore
CVE-2016-8919
IBM WebSphere Application Server may be vulnerable to a denial of service, caused by allowing serialized objects from untrusted sources to run and cause the consumption of resources.
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 8.5.5
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 7.0
694
VMScore
CVE-2009-2744
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.27 allows remote malicious users to cause a denial of service via unknown vectors, related to "an error in fixpacks 6.1.0.23 and 6.1.0.25."
Ibm Websphere Application Server 6.1.0.24
Ibm Websphere Application Server 6.1.0.16
Ibm Websphere Application Server 6.1.0.15
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0
Ibm Websphere Application Server 6.1.0.8
Ibm Websphere Application Server 6.1.0.9
Ibm Websphere Application Server 6.1.0.23
Ibm Websphere Application Server 6.1.0.22
Ibm Websphere Application Server 6.1.0.14
Ibm Websphere Application Server 6.1.0.13
Ibm Websphere Application Server 6.1
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0.25
Ibm Websphere Application Server 6.1.0.26
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.18
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.10
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.6
Ibm Websphere Application Server 6.1.0.7
694
VMScore
CVE-2009-0391
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0.1 on z/OS allows malicious users to read arbitrary files via unknown vectors.
Ibm Websphere Application Server 6.0.1
694
VMScore
CVE-2008-4678
The HTTP_Request_Parser method in the HTTP Transport component in IBM WebSphere Application Server (WAS) 6.0.2 prior to 6.0.2.31 allows remote malicious users to cause a denial of service (controller 0C4 abend and application hang) via a long HTTP Host header, related to "st...
Ibm Websphere Application Server 6.0.2.13
Ibm Websphere Application Server 6.0.2.15
Ibm Websphere Application Server 6.0.2.17
Ibm Websphere Application Server 6.0.2.4
Ibm Websphere Application Server 6.0.2.3
Ibm Websphere Application Server 6.0.2
Ibm Websphere Application Server 6.0.2.23
Ibm Websphere Application Server 6.0.2.9
Ibm Websphere Application Server 6.0.2.19
Ibm Websphere Application Server 6.0.2.2
Ibm Websphere Application Server 6.0.2.25
Ibm Websphere Application Server 6.0.2.27
Ibm Websphere Application Server 6.0.2.1
Ibm Websphere Application Server 6.0.2.11
Ibm Websphere Application Server 6.0.2.6
Ibm Websphere Application Server 6.0.2.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »