Ibm

Websphere Application Server

435 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2011-1314

  • EPSS 0.46%
  • Published 08.03.2011 21:59:34
  • Last modified 11.04.2025 00:51:21

The Service Integration Bus (SIB) messaging engine in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (daemon hang) by performing close operations via network connections to a queue manager.

5

CVE-2011-1315

  • EPSS 0.81%
  • Published 08.03.2011 21:59:34
  • Last modified 11.04.2025 00:51:21

Memory leak in the messaging engine in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) via network connections associated with a NULL return value from a synchronous JMS...

5

CVE-2011-1316

  • EPSS 0.53%
  • Published 08.03.2011 21:59:34
  • Last modified 11.04.2025 00:51:21

The Session Initiation Protocol (SIP) Proxy in the HTTP Transport component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (worker thread exhaustion and UDP messaging outage) by sending ...

4.3

CVE-2008-7274

  • EPSS 0.23%
  • Published 15.02.2011 01:00:01
  • Last modified 11.04.2025 00:51:21

IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by (1) not providing a password or (2) providing an empty password.

4.3

CVE-2011-0315

  • EPSS 0.48%
  • Published 12.01.2011 01:00:02
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Servlet Engine / Web Container component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 allows remote attackers to inject arbitrary web script or HTML via vectors ...

5

CVE-2011-0316

  • EPSS 0.65%
  • Published 12.01.2011 01:00:02
  • Last modified 11.04.2025 00:51:21

The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 does not properly restrict access to console servlets, which allows remote attackers to obtain potentially sensitive status inf...

4.3

CVE-2010-4220

  • EPSS 0.27%
  • Published 09.11.2010 21:00:06
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Integrated Solution Console in the Administrative Console component in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.13 allows remote attackers to inject arbitrary web script or HTML via unspe...

4.3

CVE-2010-0783

  • EPSS 0.48%
  • Published 09.11.2010 21:00:02
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3

CVE-2010-0784

  • EPSS 0.49%
  • Published 09.11.2010 21:00:02
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6

CVE-2010-0785

  • EPSS 0.27%
  • Published 09.11.2010 21:00:02
  • Last modified 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.13 allows remote attackers to hijack the authentication of unspecified victims via unknow...