Ibm

Websphere Application Server

439 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-36097

  • EPSS 0.08%
  • Veröffentlicht 16.07.2025 17:44:14
  • Zuletzt bearbeitet 11.08.2025 19:17:55

IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service, caused by a stack-based overflow. An attacker can send a specially crafted request that cause the server t...

9.8

CVE-2025-36038

Medienbericht
  • EPSS 0.37%
  • Veröffentlicht 25.06.2025 20:38:02
  • Zuletzt bearbeitet 18.07.2025 18:11:33

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects.

7.6

CVE-2025-33104

  • EPSS 0.12%
  • Veröffentlicht 14.05.2025 19:01:09
  • Zuletzt bearbeitet 18.07.2025 15:56:16

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosur...

2.7

CVE-2025-27907

  • EPSS 0.16%
  • Veröffentlicht 22.04.2025 16:20:21
  • Zuletzt bearbeitet 18.07.2025 15:51:47

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other...

4.8

CVE-2024-45087

  • EPSS 0.13%
  • Veröffentlicht 11.11.2024 17:15:04
  • Zuletzt bearbeitet 18.11.2024 16:34:23

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentia...

5.5

CVE-2024-45086

  • EPSS 0.03%
  • Veröffentlicht 04.11.2024 20:15:05
  • Zuletzt bearbeitet 06.11.2024 23:04:04

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources.

4.8

CVE-2024-45071

  • EPSS 0.3%
  • Veröffentlicht 16.10.2024 17:15:16
  • Zuletzt bearbeitet 21.10.2024 13:41:29

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cr...

5.5

CVE-2024-45072

  • EPSS 0.04%
  • Veröffentlicht 16.10.2024 17:15:16
  • Zuletzt bearbeitet 21.10.2024 13:41:20

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources.

7.5

CVE-2024-45085

  • EPSS 0.15%
  • Veröffentlicht 15.10.2024 22:15:03
  • Zuletzt bearbeitet 08.11.2024 15:13:11

IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted request. A remote attacker could exploit this vulnerability to cause an error resulting in a denial of ...

4.8

CVE-2024-45073

  • EPSS 0.24%
  • Veröffentlicht 30.09.2024 22:15:02
  • Zuletzt bearbeitet 07.01.2025 14:36:34

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cr...