Ibm

Websphere Application Server

435 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2020-4575

  • EPSS 0.13%
  • Published 27.08.2020 13:15:12
  • Last modified 21.11.2024 05:32:55

IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured.

10

CVE-2020-4589

  • EPSS 6.77%
  • Published 13.08.2020 12:15:25
  • Last modified 21.11.2024 05:32:56

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 184585.

8.8

CVE-2020-4534

  • EPSS 0.15%
  • Published 03.08.2020 13:15:11
  • Last modified 21.11.2024 05:32:51

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper handling of UNC paths. By scheduling a task with a specially-crafted UNC path, an attacke...

9

CVE-2020-4464

  • EPSS 37.88%
  • Published 17.07.2020 14:15:11
  • Last modified 21.11.2024 05:32:46

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to execute arbitrary code on a system with a specially-crafted sequence of serialized objects over the SOAP connector. IBM X-Force ID: 181489.

10

CVE-2020-4448

  • EPSS 16.24%
  • Published 05.06.2020 17:15:11
  • Last modified 21.11.2024 05:32:45

IBM WebSphere Application Server Network Deployment 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 181228.

7.5

CVE-2020-4449

  • EPSS 0.78%
  • Published 05.06.2020 17:15:11
  • Last modified 21.11.2024 05:32:45

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to obtain sensitive information with a specially-crafted sequence of serialized objects. IBM X-Force ID: 181230.

10

CVE-2020-4450

  • EPSS 76.78%
  • Published 05.06.2020 17:15:11
  • Last modified 21.11.2024 05:32:45

IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects. IBM X-Force ID: 181231.

4.3

CVE-2020-4365

  • EPSS 0.18%
  • Published 14.05.2020 16:15:15
  • Last modified 21.11.2024 05:32:39

IBM WebSphere Application Server 8.5 is vulnerable to server-side request forgery. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 178964.

5.3

CVE-2020-10693

  • EPSS 0.03%
  • Published 06.05.2020 14:15:10
  • Last modified 21.11.2024 04:55:52

A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping...

5.5

CVE-2020-4421

  • EPSS 0.17%
  • Published 06.05.2020 14:15:10
  • Last modified 21.11.2024 05:32:43

IBM WebSphere Application Liberty 19.0.0.5 through 20.0.0.4 could allow an authenticated user using openidconnect to spoof another users identify. IBM X-Force ID: 180084.