Ibm

Websphere Application Server

435 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2013-0458

  • EPSS 0.27%
  • Published 27.01.2013 18:55:02
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.27, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2, when login security is disabled, allows remote atta...

4.3

CVE-2013-0459

  • EPSS 0.27%
  • Published 27.01.2013 18:55:02
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.27, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 allows remote attackers to inject arbitrary web scri...

6.8

CVE-2013-0460

  • EPSS 0.12%
  • Published 27.01.2013 18:55:02
  • Last modified 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in the portlet subsystem in the administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47 and 7.0 before 7.0.0.27 allows remote attackers to hijack the authentication of arbit...

4.3

CVE-2013-0461

  • EPSS 0.27%
  • Published 27.01.2013 18:55:02
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the virtual member manager (VMM) administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.27, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 allows remote attackers...

10

CVE-2013-0462

  • EPSS 0.45%
  • Published 27.01.2013 18:55:02
  • Last modified 11.04.2025 00:51:21

Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.1, 7.0 before 7.0.0.27, 8.0, and 8.5 has unknown impact and attack vectors.

5

CVE-2012-3330

  • EPSS 0.59%
  • Published 14.11.2012 12:30:59
  • Last modified 11.04.2025 00:51:21

The proxy server in IBM WebSphere Application Server 7.0 before 7.0.0.27, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1, and WebSphere Virtual Enterprise, allows remote attackers to cause a denial of service (daemon outage) via a crafted request.

7.5

CVE-2012-4850

  • EPSS 0.79%
  • Published 14.11.2012 12:30:59
  • Last modified 11.04.2025 00:51:21

IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1, when JAX-RS is used, does not properly validate requests, which allows remote attackers to gain privileges via unspecified vectors.

4.3

CVE-2012-4851

  • EPSS 0.23%
  • Published 14.11.2012 12:30:59
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.

6.8

CVE-2012-4853

  • EPSS 0.16%
  • Published 14.11.2012 12:30:59
  • Last modified 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Application Server 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hijack the authentication of arbitrary users for reque...

6.8

CVE-2012-3304

  • EPSS 0.74%
  • Published 25.09.2012 20:55:01
  • Last modified 11.04.2025 00:51:21

The Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hijack sessions via unspecified vectors.