Lucene search
K

127 matches found

CVE
CVE
added 2 days ago11 views

CVE-2026-11594

IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console...

8.5CVSS5.6AI score0.00281EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago3 views

EUVD-2026-40396

IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console help system...

9.3CVSS5.6AI score0.00217EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago4 views

EUVD-2026-39724

Unauthenticated Cross Site Scripting XSS in WoodMart = 8.5.3 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 8:51 p.m.8 views

CVE-2026-47733

Rocket.Chat CVE-2026-47733 affects the ImageElement in packages/gazzodown prior to 8.5.0, where user-controlled src values are inserted into and without protocol sanitization. An authenticated user can post markdown images with a javascript: URL that, on older browsers, could execute arbitrary ...

4.4CVSS6.1AI score0.00118EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Tomcat9

When responding to new H2C connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, and 8.5.0 to 8.5.61 may duplicate request headers and a limited amount of request body from one request to another. This means that user A and user B may both see the results of user A’...

7.5CVSS6.8AI score0.18114EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.7 views

CVE-2025-68060

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPMart Team Member allows Blind SQL Injection. This issue affects Team Member: from n/a through 8.5...

7.6CVSS5.6AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.8 views

CVE-2026-8850

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modibmupload...

7.5CVSS5.4AI score0.0038EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.9 views

CVE-2026-8835

IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service...

7.3CVSS5.5AI score0.00252EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.9 views

CVE-2026-8644

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing...

9.1CVSS5.4AI score0.00318EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 7:16 p.m.11 views

CVE-2026-8644

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing...

9.1CVSS0.00318EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 5:49 p.m.12 views

CVE-2026-9311

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

9CVSS6.4AI score0.00489EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/01 5:46 p.m.77 views

CVE-2026-8644

IBM WebSphere Application Server versions 9.0 and 8.5 are affected by CVE-2026-8644, an identity spoofing (authentication bypass) vulnerability (CWE-290) with CVSSv3.1 base score 9.1. Affected products: WebSphere Application Server 9.0 and 8.5. Root cause: identity spoofing leading to authenticat...

9.1CVSS5.8AI score0.00318EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.14 views

PT-2026-45543

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 8.5 IBM WebSphere Application Server version 9.0 Description Remote code execution is possible due to the bypass of security controls. Recommendations At the moment, there is no information about a newe...

9CVSS6.3AI score0.00489EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

IBM WebSphere Application Server(WAS) 代码注入漏洞

IBM WebSphere Application Server is an enterprise-level Java application server, primarily used for deploying and running Java enterprise applications. IBM WebSphere Application Server has a security control bypass vulnerability. This vulnerability stems from the improper implementation of securi...

9CVSS6AI score0.00489EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.8 views

IBM WebSphere Application Server(WAS) 安全漏洞

IBM WebSphere Application Server is a Java enterprise application server developed by IBM. It is primarily used for deploying and managing enterprise-level web applications. IBM WebSphere Application Server has a vulnerability known as “Identity Spoofing.” This vulnerability arises from the failu...

9.1CVSS5.8AI score0.00318EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.18 views

PT-2026-45542

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 9.0 IBM WebSphere Application Server version 8.5 Description An issue exists that allows for identity spoofing, where an attacker can impersonate another user or system identity. Recommendations At the...

9.1CVSS5.8AI score0.00318EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/26 5:11 p.m.9 views

CVE-2026-8835

IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service...

7.3CVSS5.8AI score0.00252EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/26 4:58 p.m.14 views

EUVD-2026-31905

IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication client authentication...

9.8CVSS6.5AI score0.00456EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 4:56 p.m.16 views

EUVD-2026-31903

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration...

9.1CVSS5.8AI score0.00197EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 4:56 p.m.11 views

CVE-2026-8856 IBM HTTP Server is affected by multiple vulnerabilities

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration...

7.7CVSS5.8AI score0.00197EPSS
Exploits0References1
Rows per page
Query Builder