CVE-2019-4269
- EPSS 0.36%
- Published 28.06.2019 17:15:11
- Last modified 21.11.2024 04:43:24
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console could allow a remote attacker to obtain sensitive information when a specially crafted url causes a stack trace to be dumped. IBM X-Force ID: 160202.
- EPSS 84.08%
- Published 17.05.2019 16:29:03
- Last modified 21.11.2024 04:43:25
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 160445.
CVE-2019-4080
- EPSS 1.34%
- Published 02.04.2019 14:29:01
- Last modified 21.11.2024 04:43:08
IBM WebSphere Application Server Admin Console 7.5, 8.0, 8.5, and 9.0 is vulnerable to a potential denial of service, caused by improper parameter parsing. A remote attacker could exploit this to consume all available CPU resources. IBM X-Force ID: 1...
CVE-2019-4046
- EPSS 1.18%
- Published 25.03.2019 19:29:02
- Last modified 21.11.2024 04:43:04
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by improper handling of request headers. A remote attacker could exploit this vulnerability to cause the consumption of Memory. IBM X-Force ID: 15624...
CVE-2018-1902
- EPSS 0.28%
- Published 11.03.2019 22:29:00
- Last modified 21.11.2024 04:00:34
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to spoof connection information which could be used to launch further attacks against the system. IBM X-Force ID: 152531.
CVE-2019-4030
- EPSS 0.24%
- Published 06.03.2019 20:29:00
- Last modified 21.11.2024 04:43:03
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosur...
CVE-2018-1996
- EPSS 0.09%
- Published 19.02.2019 17:29:00
- Last modified 21.11.2024 04:00:42
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security, caused by the improper TLS configuration. A remote attacker could exploit this vulnerability to obtain sensitive information using man in the middle ...
CVE-2018-1901
- EPSS 0.74%
- Published 12.12.2018 16:29:01
- Last modified 21.11.2024 04:00:34
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to temporarily gain elevated privileges on the system, caused by incorrect cached value being used. IBM X-Force ID: 152530.
CVE-2018-1926
- EPSS 0.18%
- Published 12.12.2018 16:29:01
- Last modified 21.11.2024 04:00:36
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious URL, a remote attacker could send a spe...
CVE-2018-1904
- EPSS 0.81%
- Published 11.12.2018 16:29:02
- Last modified 21.11.2024 04:00:34
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute arbitrary Java code through an administrative client class with a serialized object from untrusted sources. IBM X-Force ID: 152533.