Ibm

Websphere Application Server

435 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2006-7166

  • EPSS 0.34%
  • Published 20.03.2007 10:19:00
  • Last modified 09.04.2025 00:30:58

IBM WebSphere Application Server (WAS) 5.1.1.9 and earlier allows remote attackers to obtain JSP source code and other sensitive information via "a specific JSP URL."

10

CVE-2006-6636

  • EPSS 1.66%
  • Published 19.12.2006 20:28:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the Utility Classes for IBM WebSphere Application Server (WAS) before 5.1.1.13 and 6.x before 6.0.2.17 has unknown impact and attack vectors.

5

CVE-2006-6637

  • EPSS 1.01%
  • Published 19.12.2006 20:28:00
  • Last modified 09.04.2025 00:30:58

The Servlet Engine and Web Container in IBM WebSphere Application Server (WAS) before 6.0.2.17, when ibm-web-ext.xmi sets fileServingEnabled to true and servlet caching is enabled, allows remote attackers to obtain JSP source code and other sensitive...

10

CVE-2006-6135

  • EPSS 0.82%
  • Published 28.11.2006 02:07:00
  • Last modified 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) have unknown impact and attack vectors, related to (1) a "Potential security vulnerability" (PK29725) and (2) "Potential security exposure" (PK...

10

CVE-2006-6136

  • EPSS 1.21%
  • Published 28.11.2006 02:07:00
  • Last modified 09.04.2025 00:30:58

IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) does not perform EAL4 authentication checks at the proper time during "registering of response operation," which has unknown impact and attack vectors.

10

CVE-2006-5323

  • EPSS 0.66%
  • Published 17.10.2006 17:07:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in IBM WebSphere Application Server before 6.1.0.2 has unspecified impact and attack vectors, related to a "possible security exposure," aka PK29360.

7.5

CVE-2006-5324

  • EPSS 0.48%
  • Published 17.10.2006 17:07:00
  • Last modified 09.04.2025 00:30:58

The Web Services Notification (WSN) security component of IBM WebSphere Application Server before 6.1.0.2 allows attackers to obtain unspecified access without supplying a username and password, aka PK28374.

5

CVE-2006-4222

  • EPSS 0.36%
  • Published 18.08.2006 20:04:00
  • Last modified 03.04.2025 01:03:51

Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.0.2.13 have unspecified vectors and impact, including (1) an "authority problem" in ThreadIdentitySupport as identified by PK25199, and "Potential security exposure" is...

5

CVE-2006-4223

  • EPSS 0.57%
  • Published 18.08.2006 20:04:00
  • Last modified 03.04.2025 01:03:51

IBM WebSphere Application Server (WAS) before 6.0.2.13 allows context-dependent attackers to obtain sensitive information via unspecified vectors related to "JSP source code exposure" (PK23475), which occurs when ibm-web-ext.xmi sets fileServingEnabl...

7.5

CVE-2006-4136

  • EPSS 0.67%
  • Published 14.08.2006 23:04:00
  • Last modified 03.04.2025 01:03:51

Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.1.0.1 have unspecified impact and attack vectors involving (1) "SOAP requests and responses", (2) mbean, (3) ThreadIdentitySupport, and possibly others.