Ibm

Websphere Application Server

435 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-37532

  • EPSS 0.08%
  • Published 20.06.2024 14:15:10
  • Last modified 21.11.2024 09:24:01

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to identity spoofing by an authenticated user due to improper signature validation. IBM X-Force ID: 294721.

7.5

CVE-2024-25026

  • EPSS 0.02%
  • Published 25.04.2024 13:15:51
  • Last modified 27.02.2025 16:24:20

IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 are vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability...

4.3

CVE-2024-22329

  • EPSS 0.04%
  • Published 17.04.2024 02:15:10
  • Last modified 06.03.2025 14:24:40

IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker could exploit this vulnerabilit...

7

CVE-2024-22354

  • EPSS 0.02%
  • Published 17.04.2024 01:15:06
  • Last modified 06.03.2025 14:24:40

IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.5 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerabil...

7.5

CVE-2024-27268

  • EPSS 0.17%
  • Published 04.04.2024 18:15:13
  • Last modified 10.04.2025 21:05:27

IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.4 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources...

6.5

CVE-2023-50313

  • EPSS 0.02%
  • Published 02.04.2024 13:15:51
  • Last modified 21.11.2024 08:36:50

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration. IBM X-Force ID: 274812.

7.5

CVE-2024-22353

  • EPSS 0.02%
  • Published 31.03.2024 12:15:50
  • Last modified 21.11.2024 08:56:06

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources...

6.1

CVE-2024-27270

  • EPSS 0.07%
  • Published 27.03.2024 13:15:47
  • Last modified 05.03.2025 20:50:02

IBM WebSphere Application Server Liberty 23.0.0.3 through 24.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in a specially crafted URI. IBM X-Force ID: 284576.

6.5

CVE-2023-50312

  • EPSS 0.03%
  • Published 01.03.2024 03:15:06
  • Last modified 23.04.2025 19:38:50

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration. IBM X-Force ID: 274711.

7.5

CVE-2023-38737

  • EPSS 0.02%
  • Published 16.08.2023 19:15:09
  • Last modified 21.11.2024 08:14:08

IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resource...