Lucene search
K

999 matches found

EUVD
EUVD
added yesterday3 views

EUVD-2026-40413

IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability...

7.4CVSS5.8AI score0.00342EPSS
Exploits0References2
CVE
CVE
added 3 days ago31 views

CVE-2026-55957

CVE-2026-55957 describes an authentication bypass in Apache Tomcat when JNDIRealm is configured to authenticate binds using GSSAPI, allowing attackers to authenticate without the correct password. Affected releases include Tomcat 11.0.0-M1–11.0.4, 10.1.0-M1–10.1.36, 9.0.0.M1–9.0.100, 8.5.0–8.5.10...

7.3CVSS5.7AI score0.00252EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.10 views

IBM WebSphere Application Server 8.5.x < 8.5.5.30 / 9.x < 9.0.5.29 RCE (7277544)

The version of IBM WebSphere Application Server running on the remote host is affected by a remote code execution vulnerability as referenced in the 7277544 advisory. - IBM WebSphere Application Server is affected by a remote code execution vulnerability in the SOAP/JMX connector. CWE: CWE-502:...

6.4AI score
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 3:57 p.m.5 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server and WebSphere Application Server Liberty shipped with IBM WebSphere Remote Server

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM WebSphere Application Server and WebSphere Application Server Liberty have been published in a security bulletin...

9.8CVSS5.8AI score0.00409EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 2:45 p.m.19 views

Security Bulletin: IBM WebSphere Application Server is affected by multiple cross-site scripting vulnerabilities (CVE-2026-11594, CVE-2026-11707, CVE-2026-11383)

Summary IBM WebSphere Application Server is affected by multiple cross-site scripting vulnerabilities in the administrative console. Vulnerability Details CVEID:CVE-2026-11594 DESCRIPTION: IBM WebSphere Application Server is affected by a cross-site scripting vulnerability in the administrative...

8.5CVSS5.7AI score0.00281EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 5:25 p.m.3 views

Security Bulletin: SPSS Collaboration and Deployment Services is affected by Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc

Summary SPSS Collaboration and Deployment Services is affected by Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2026-3505 DESCRIPTION: Allocation of resources without limits o...

8.7CVSS5.7AI score0.00758EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/06/08 12:49 p.m.11 views

CLEANSTART-2026-RQ86436 Security fixes for CVE-2026-25679, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27139, CVE-2026-27140, CVE-2026-27142, CVE-2026-27143, CVE-2026-32280, CVE-2026-32281, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42506, CVE-2026-42508, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, ghsa-f6x5-jh6r-wrfv, ghsa-hfvc-g4fc-pqhx, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 8.4.0-r0, 8.5.0-r0, 8.5.0-r1, 8.5.0-r2, 8.5.0-r3

Multiple security vulnerabilities affect the kubernetes-csi-external-snapshotter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS7.6AI score0.01557EPSS
Exploits1References89
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/02 2:36 p.m.12 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2026-8644)

Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

9.1CVSS5.8AI score0.00318EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/02 2:35 p.m.9 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2026-9319)

Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

9CVSS6.4AI score0.00441EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/02 2:34 p.m.7 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2026-9311, CVE-2026-9330)

Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM WebSphere Application Server have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

9CVSS6.5AI score0.00489EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/06/01 5:46 p.m.15 views

EUVD-2026-33732

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing...

9.1CVSS5.8AI score0.00318EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 5:46 p.m.9 views

CVE-2026-8644 IBM WebSphere Application Server is affected by an identity spoofing vulnerability

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing...

9.1CVSS5.8AI score0.00318EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:54 p.m.8 views

CVE-2026-4410

IBM WebSphere Application Server - Liberty 19.0.0.7 through 26.0.0.5 and IBM WebSphere Application Server 9.0, and 8.5 and WebSphere Application Server Liberty are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability ...

4.8CVSS5.8AI score0.005EPSS
Exploits0References2Affected Software2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

IBM多款产品 安全漏洞

IBM WebSphere Application Server WAS, among others, are products of the American multinational company IBM. IBM WebSphere Application Server is an application server product. IBM WebSphere Application Server Liberty is a Java application server built upon the Open Liberty project. IBM webMethods...

7.5CVSS5.9AI score0.005EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.9 views

IBM HTTP Server 代码注入漏洞

IBM HTTP Server is an enterprise-level web server software developed by International Business Machines IBM. Versions 8.5 and 9.0 of IBM HTTP Server contain code injection vulnerabilities. These vulnerabilities stem from configurations involving TLS mutual authentication, which may lead to remote...

9.8CVSS6.5AI score0.00456EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty 代码注入漏洞

IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty are web server integration plugins developed by IBM. Versions 8.5 and 9.0 of these plugins contain a code injection vulnerability that can be exploited by remote code execution attacks...

9.8CVSS6.4AI score0.00847EPSS
Exploits0References1
OSV
OSV
added 2026/05/18 8:56 a.m.64 views

BIT-TOMCAT-2020-1938

When using the Apache JServ Protocol AJP, care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that...

9.8CVSS7.7AI score0.9927EPSS
Exploits45References53
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.8 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-021473)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021473 advisory. In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed i...

7.5CVSS5.8AI score0.00443EPSS
Exploits0References4
OSV
OSV
added 2026/05/12 8:56 a.m.8 views

BIT-PHP-MIN-2026-7258 Out-of-bounds read in urldecode() on NetBSD

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, some functions, including urldecode, pass signed char to ctype functions like isxdigit. On the systems with default signed char and optimized table-lookup ctype functions - such as NetBSD - this can...

7.5CVSS5.8AI score0.00337EPSS
Exploits0References2
OSV
OSV
added 2026/05/12 8:56 a.m.9 views

BIT-PHP-2026-7262 NULL pointer dereference in SOAP apache:Map decoder with missing <value>

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...

7.5CVSS5.8AI score0.0076EPSS
Exploits0References2
Rows per page
Query Builder