Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere application server 8.5.0.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-4006
IBM WebSphere Application Server (WAS) Liberty Profile 8.5 prior to 8.5.5.1 uses weak permissions for unspecified files, which allows local users to obtain sensitive information via standard filesystem operations.
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.0.1
Ibm Websphere Application Server 8.5.0.0
NA
CVE-2014-0896
IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x prior to 8.5.5.2 allows remote malicious users to obtain sensitive information via a crafted request.
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.0.1
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 8.5.5.0
NA
CVE-2014-4767
IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x prior to 8.5.5.3 does not properly use the Liberty Repository for feature installation, which allows remote authenticated users to execute arbitrary code via unspecified vectors.
Ibm Websphere Application Server 8.5.0.1
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 8.5.5.2
NA
CVE-2014-8890
IBM WebSphere Application Server Liberty Profile 8.5.x prior to 8.5.5.4 allows remote malicious users to gain privileges by leveraging the combination of a servlet's deployment descriptor security constraints and ServletSecurity annotations.
Ibm Websphere Application Server 8.5.0.1
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.5.3
Ibm Websphere Application Server 8.5.5.2
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.0.2
NA
CVE-2015-0174
The SNMP implementation in IBM WebSphere Application Server (WAS) 8.5 prior to 8.5.5.5 does not properly handle configuration data, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.0.1
Ibm Websphere Application Server 8.5.5.3
Ibm Websphere Application Server 8.5.5.4
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.5.2
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 8.5.5.1
NA
CVE-2015-0175
IBM WebSphere Application Server (WAS) 8.5 Liberty Profile prior to 8.5.5.5 does not properly implement authData elements, which allows remote authenticated users to gain privileges via unspecified vectors.
Ibm Websphere Application Server 8.5.5.2
Ibm Websphere Application Server 8.5.5.3
Ibm Websphere Application Server 8.5.5.4
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.0.1
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 8.5.5.1
NA
CVE-2015-1882
Multiple race conditions in IBM WebSphere Application Server (WAS) 8.5 Liberty Profile prior to 8.5.5.5 allow remote authenticated users to gain privileges by leveraging thread conflicts that result in Java code execution outside the context of the configured EJB Run-as user.
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 8.5.5.2
Ibm Websphere Application Server 8.5.5.3
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 8.5.5.4
Ibm Websphere Application Server 8.5.0.1
NA
CVE-2013-4004
Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 8.0 prior to 8.0.0.7 and 8.5 prior to 8.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Websphere Application Server 8.0.0.3
Ibm Websphere Application Server 8.0.0.4
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 8.0.0.6
Ibm Websphere Application Server 8.0.0.0
Ibm Websphere Application Server 8.0.0.1
Ibm Websphere Application Server 8.0.0.2
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.0.1
Ibm Websphere Application Server 8.5.0.2
NA
CVE-2014-0823
IBM WebSphere Application Server (WAS) 8.x prior to 8.0.0.9 and 8.5.x prior to 8.5.5.2 allows remote malicious users to read arbitrary files via a crafted URL.
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 8.5.0.1
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0.0.2
Ibm Websphere Application Server 8.0.0.3
Ibm Websphere Application Server 8.0.0.0
Ibm Websphere Application Server 8.0.0.1
Ibm Websphere Application Server 8.0.0.8
Ibm Websphere Application Server 8.0.0.4
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 8.0.0.6
Ibm Websphere Application Server 8.0.0.7
NA
CVE-2014-0857
The Administrative Console in IBM WebSphere Application Server (WAS) 8.x prior to 8.0.0.9 and 8.5.x prior to 8.5.5.2 allows remote authenticated users to obtain sensitive information via a crafted request.
Ibm Websphere Application Server 8.5.5.1
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.0.1
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0.0.4
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 8.0.0.6
Ibm Websphere Application Server 8.0.0.7
Ibm Websphere Application Server 8.0.0.8
Ibm Websphere Application Server 8.0.0.2
Ibm Websphere Application Server 8.0.0.3
Ibm Websphere Application Server 8.0.0.0
Ibm Websphere Application Server 8.0.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »