Ibm

Websphere Application Server

435 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2011-1314

  • EPSS 0.46%
  • Veröffentlicht 08.03.2011 21:59:34
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Service Integration Bus (SIB) messaging engine in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (daemon hang) by performing close operations via network connections to a queue manager.

5

CVE-2011-1315

  • EPSS 0.81%
  • Veröffentlicht 08.03.2011 21:59:34
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Memory leak in the messaging engine in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) via network connections associated with a NULL return value from a synchronous JMS...

5

CVE-2011-1316

  • EPSS 0.53%
  • Veröffentlicht 08.03.2011 21:59:34
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Session Initiation Protocol (SIP) Proxy in the HTTP Transport component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (worker thread exhaustion and UDP messaging outage) by sending ...

4.3

CVE-2008-7274

  • EPSS 0.23%
  • Veröffentlicht 15.02.2011 01:00:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by (1) not providing a password or (2) providing an empty password.

4.3

CVE-2011-0315

  • EPSS 0.48%
  • Veröffentlicht 12.01.2011 01:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Servlet Engine / Web Container component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 allows remote attackers to inject arbitrary web script or HTML via vectors ...

5

CVE-2011-0316

  • EPSS 0.65%
  • Veröffentlicht 12.01.2011 01:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 does not properly restrict access to console servlets, which allows remote attackers to obtain potentially sensitive status inf...

4.3

CVE-2010-4220

  • EPSS 0.27%
  • Veröffentlicht 09.11.2010 21:00:06
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Integrated Solution Console in the Administrative Console component in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.13 allows remote attackers to inject arbitrary web script or HTML via unspe...

4.3

CVE-2010-0783

  • EPSS 0.48%
  • Veröffentlicht 09.11.2010 21:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3

CVE-2010-0784

  • EPSS 0.49%
  • Veröffentlicht 09.11.2010 21:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6

CVE-2010-0785

  • EPSS 0.27%
  • Veröffentlicht 09.11.2010 21:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.13 allows remote attackers to hijack the authentication of unspecified victims via unknow...