Export limit exceeded: 362508 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (879 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-1731 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | N/A |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security when using the Administrative Console. An authenticated remote attacker could exploit this vulnerability to possibly gain elevated privileges. | ||||
| CVE-2017-1699 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | N/A |
| IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure permissions on certain files it creates. A local attacker could exploit this vulnerability to modify or delete data contained in the files with an unknown impact. IBM X-Force ID: 134391. | ||||
| CVE-2017-1612 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | N/A |
| IBM WebSphere MQ 7.0, 7.1, 7.5, 8.0, and 9.0 service trace module could be used to execute untrusted code under 'mqm' user. IBM X-Force ID: 132953. | ||||
| CVE-2017-1557 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | N/A |
| IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user with authority to send a specially crafted request that could cause a channel process to cease processing further requests. IBM X-Force ID: 131547. | ||||
| CVE-2017-1418 | 1 Ibm | 2 Integration Bus, Websphere Message Broker | 2024-11-21 | N/A |
| IBM Integration Bus 9.0.0.0, 9.0.0.11, 10.0.0.0, and 10.0.0.14 (including IBM WebSphere Message Broker 8.0.0.0 and 8.0.0.9) has insecure permissions on certain files. A local attacker could exploit this vulnerability to modify or delete these files with an unknown impact. IBM X-Force ID: 127406. | ||||
| CVE-2015-1957 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | N/A |
| IBM WebSphere MQ 7.5.x before 7.5.0.6 and 8.0.x before 8.0.0.3 allows remote authenticated users to obtain sensitive information via a man-in-the-middle attack, related to duplication of message data in cleartext outside the protected payload. IBM X-Force ID: 103482. | ||||
| CVE-2013-3024 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | N/A |
| IBM WebSphere Application Server (WAS) 8.5 through 8.5.0.2 on UNIX allows local users to gain privileges by leveraging improper process initialization. IBM X-Force ID: 84362. | ||||
| CVE-2013-2972 | 1 Ibm | 1 Websphere Cast Iron Cloud Integration | 2024-11-21 | N/A |
| IBM WebSphere Cast Iron 6.3 allows remote attackers to bypass intended access restrictions via unspecified vectors. IBM X-Force ID: 83868. | ||||
| CVE-2013-2951 | 1 Ibm | 1 Websphere Portal | 2024-11-21 | N/A |
| IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information by reading the file. IBM X-Force ID: 83621. | ||||
| CVE-2012-4863 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | 6.5 Medium |
| IBM WebSphere MQ 7.1 and 7.5: Queue manager has a DoS vulnerability | ||||
| CVE-2012-2201 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | 7.5 High |
| IBM WebSphere MQ 7.1 is vulnerable to a denial of service, caused by an error when handling user ids. A remote attacker could exploit this vulnerability to bypass the security configuration setup on a SVRCONN channel and flood the queue manager. | ||||
| CVE-2011-4889 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | N/A |
| The javax.naming.directory.AttributeInUseException class in the Virtual Member Manager in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.43, 7.0 before 7.0.0.21, and 8.0 before 8.0.0.2 does not properly update passwords on a configuration using Tivoli Directory Server, which might allow remote attackers to gain access to an application by leveraging knowledge of an old password. IBM X-Force ID: 72581. | ||||
| CVE-2024-45087 | 1 Ibm | 1 Websphere Application Server | 2024-11-18 | 4.8 Medium |
| IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2024-45085 | 1 Ibm | 1 Websphere Application Server | 2024-11-08 | 5.9 Medium |
| IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted request. A remote attacker could exploit this vulnerability to cause an error resulting in a denial of service. | ||||
| CVE-2024-45086 | 1 Ibm | 1 Websphere Application Server | 2024-11-06 | 5.5 Medium |
| IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources. | ||||
| CVE-2024-45071 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2024-10-21 | 5.5 Medium |
| IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2024-45072 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2024-10-21 | 5.5 Medium |
| IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources. | ||||
| CVE-2023-50315 | 1 Ibm | 1 Websphere Application Server | 2024-09-11 | 5.3 Medium |
| IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274714. | ||||
| CVE-2023-50314 | 1 Ibm | 1 Websphere Application Server | 2024-08-23 | 5.3 Medium |
| IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274713. | ||||