Ibm

Websphere Application Server

435 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2024-45087

  • EPSS 0.14%
  • Published 11.11.2024 17:15:04
  • Last modified 18.11.2024 16:34:23

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentia...

5.5

CVE-2024-45086

  • EPSS 0.13%
  • Published 04.11.2024 20:15:05
  • Last modified 06.11.2024 23:04:04

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources.

4.8

CVE-2024-45071

  • EPSS 0.17%
  • Published 16.10.2024 17:15:16
  • Last modified 21.10.2024 13:41:29

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cr...

5.5

CVE-2024-45072

  • EPSS 0.16%
  • Published 16.10.2024 17:15:16
  • Last modified 21.10.2024 13:41:20

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources.

7.5

CVE-2024-45085

  • EPSS 0.08%
  • Published 15.10.2024 22:15:03
  • Last modified 08.11.2024 15:13:11

IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted request. A remote attacker could exploit this vulnerability to cause an error resulting in a denial of ...

4.8

CVE-2024-45073

  • EPSS 0.11%
  • Published 30.09.2024 22:15:02
  • Last modified 07.01.2025 14:36:34

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cr...

7.5

CVE-2023-50314

  • EPSS 0.05%
  • Published 14.08.2024 18:15:09
  • Last modified 23.08.2024 19:20:22

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obta...

5.9

CVE-2023-50315

  • EPSS 0.05%
  • Published 14.08.2024 17:15:14
  • Last modified 11.09.2024 13:38:26

IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive informati...

7.2

CVE-2024-35154

  • EPSS 0.18%
  • Published 09.07.2024 22:15:02
  • Last modified 21.11.2024 09:19:50

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has authorized access to the administrative console, to execute arbitrary code. Using specially crafted input, the attacker could exploit this vulnerabilit...

4.8

CVE-2024-35153

  • EPSS 0.1%
  • Published 27.06.2024 18:15:18
  • Last modified 21.11.2024 09:19:49

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentia...