CVE-2026-9170
- EPSS 0.49%
- Veröffentlicht 26.05.2026 17:31:55
- Zuletzt bearbeitet 11.06.2026 14:16:33
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service and a potential remote code execution due to improper input validation.
CVE-2026-8835
- EPSS 0.25%
- Veröffentlicht 26.05.2026 17:11:19
- Zuletzt bearbeitet 26.05.2026 20:31:32
IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service.
- EPSS 0.26%
- Veröffentlicht 26.05.2026 17:10:24
- Zuletzt bearbeitet 26.05.2026 20:34:50
IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service.
CVE-2026-8855
- EPSS 0.46%
- Veröffentlicht 26.05.2026 16:58:54
- Zuletzt bearbeitet 26.05.2026 20:25:33
IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authentication).
CVE-2026-8854
- EPSS 0.36%
- Veröffentlicht 26.05.2026 16:58:11
- Zuletzt bearbeitet 26.05.2026 20:27:32
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache.
CVE-2026-8856
- EPSS 0.2%
- Veröffentlicht 26.05.2026 16:56:58
- Zuletzt bearbeitet 26.05.2026 20:22:17
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration.
CVE-2026-8852
- EPSS 0.2%
- Veröffentlicht 26.05.2026 16:56:07
- Zuletzt bearbeitet 26.05.2026 20:50:11
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_fastcgi module.
CVE-2026-8850
- EPSS 0.38%
- Veröffentlicht 26.05.2026 16:54:23
- Zuletzt bearbeitet 26.05.2026 20:50:36
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_ibm_upload.
CVE-2023-32342
- EPSS 0.93%
- Veröffentlicht 30.05.2023 22:15:10
- Zuletzt bearbeitet 21.11.2024 08:03:09
IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vu...
CVE-2023-26281
- EPSS 1.12%
- Veröffentlicht 01.03.2023 08:15:14
- Zuletzt bearbeitet 21.11.2024 07:51:03
IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296.