101612 matches found
CVE-2026-48902
The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set...
CVE-2026-48697
FastNetMon Community Edition through 1.2.9 does not verify TLS certificates on outbound HTTPS connections. The executewebrequestsecure function in src/fastlibrary.cpp creates a boost::asio::ssl::context with tlsclient mode and calls setdefaultverifypaths to load CA certificates, but never calls...
CVE-2026-8620
CVE-2026-8620 affects IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty (versions 8.5 and 9.0). The Web Server Plug-ins are vulnerable to HTTP request smuggling via specially crafted requests, with attack vector network, no user interaction, and impact limited to conf...
CVE-2026-8620 IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities when using when using Web Server Plug-ins
IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggling in the Web Server Plug-ins through a specially crafted request...
CVE-2026-8620 IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities when using when using Web Server Plug-ins
IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggling in the Web Server Plug-ins through a specially crafted request...
CVE-2026-8835 IBM HTTP Server is affected by multiple vulnerabilities
IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service...
CVE-2026-8835 IBM HTTP Server is affected by multiple vulnerabilities
IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service...
EUVD-2026-31918
IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service...
CVE-2026-8834
CVE-2026-8834 affects IBM HTTP Server versions 8.5 and 9.0. The issue is a buffer overflow in the server, which could be exploited by a privileged user authenticated to the Administration Server to execute remote code or cause a denial of service. The CVSS metrics indicate an adjacent attack vect...
CVE-2026-8834 IBM HTTP Server is affected by multiple vulnerabilities
IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service...
EUVD-2026-31917
IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service...
CVE-2026-8834 IBM HTTP Server is affected by multiple vulnerabilities
IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service...
EUVD-2026-31905
IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication client authentication...
CVE-2026-8855 IBM HTTP Server is affected by multiple vulnerabilities
IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication client authentication...
CVE-2026-8855
IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication client authentication...
CVE-2026-8855 IBM HTTP Server is affected by multiple vulnerabilities
IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication client authentication...
CVE-2026-8854
CVE-2026-8854 affects IBM HTTP Server versions 8.5 and 9.0 via the optional mem_cache module (mod_mem_cache). The DoS condition arises from this component, with CVSS 3.1 base score 7.5 (Network, Low attack complexity, No privileges required, No user interaction). Connected sources confirm the vul...
CVE-2026-8854 IBM HTTP Server is affected by multiple vulnerabilities
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modmemcache...
CVE-2026-8854
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modmemcache...
CVE-2026-8854 IBM HTTP Server is affected by multiple vulnerabilities
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modmemcache...