Ibm

Websphere Application Server

436 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-12635

  • EPSS 0.03%
  • Veröffentlicht 08.12.2025 21:58:13
  • Zuletzt bearbeitet 09.12.2025 18:37:33

IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected by cross-site scripting due to improper validation of user-supplied input. An attacker could exploit this vulnerability by ...

4.9

CVE-2025-36099

Medienbericht
  • EPSS 0.06%
  • Veröffentlicht 29.09.2025 19:15:34
  • Zuletzt bearbeitet 03.10.2025 17:54:19

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A privileged user could exploit this vulnerability to cause the server to consume memory resources.

7.5

CVE-2025-33142

  • EPSS 0.04%
  • Veröffentlicht 14.08.2025 15:41:59
  • Zuletzt bearbeitet 18.08.2025 18:05:01

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections.

7.5

CVE-2025-36047

  • EPSS 0.13%
  • Veröffentlicht 14.08.2025 15:38:11
  • Zuletzt bearbeitet 03.11.2025 20:18:30

IBM WebSphere Application Server Liberty 18.0.0.2 through 25.0.0.8 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources...

4.8

CVE-2025-36000

  • EPSS 0.03%
  • Veröffentlicht 12.08.2025 19:39:17
  • Zuletzt bearbeitet 14.08.2025 01:29:01

IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.8 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality p...

7.5

CVE-2025-36124

  • EPSS 0.08%
  • Veröffentlicht 12.08.2025 18:45:24
  • Zuletzt bearbeitet 14.08.2025 01:23:45

IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.8 could allow a remote attacker to bypass security restrictions caused by a failure to honor JMS messaging configuration

7.5

CVE-2024-56339

  • EPSS 0.05%
  • Veröffentlicht 07.08.2025 16:03:05
  • Zuletzt bearbeitet 14.08.2025 20:02:02

IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 could allow a remote attacker to bypass security restrictions caused by a failure to honor security configuration.

7.5

CVE-2025-36097

  • EPSS 0.14%
  • Veröffentlicht 16.07.2025 17:44:14
  • Zuletzt bearbeitet 11.08.2025 19:17:55

IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service, caused by a stack-based overflow. An attacker can send a specially crafted request that cause the server t...

9.8

CVE-2025-36038

Medienbericht
  • EPSS 0.13%
  • Veröffentlicht 25.06.2025 20:38:02
  • Zuletzt bearbeitet 18.07.2025 18:11:33

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects.

7.6

CVE-2025-33104

  • EPSS 0.02%
  • Veröffentlicht 14.05.2025 19:01:09
  • Zuletzt bearbeitet 18.07.2025 15:56:16

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosur...