Lucene search

8 matches found

NVD
added 2025/12/08 10:15 p.m., 3 views

CVE-2025-12635

IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected by cross-site scripting due to improper validation of user-supplied input. An attacker could exploit this vulnerability by using a specially crafted URL to redirect the...

CVSS 5.4, EPSS 0.00139
Exploits 0, References 1

OSV
added 2025/07/16 6:15 p.m., 1 views

CVE-2025-36097

IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service, caused by a stack-based overflow. An attacker can send a specially crafted request that causes the server to consume excessive memory resources...

CVSS 7.5, AI score 5.9, EPSS 0.00399
Exploits 0, References 1

OSV
added 2024/11/11 5:15 p.m., 1 views

CVE-2024-45087

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVSS 4.8, AI score 5.4, EPSS 0.00238
Exploits 0, References 1

IBM Security Bulletins
added 2022/09/08 12:09 a.m., 522 views

Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server (CVE-2015-4000)

Summary: The LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) may affect some configurations of IBM WebSphere Application Server Full Profile, IBM WebSphere Application Server Liberty Profile, and IBM WebSphere Application Server Hypervisor Edition. The IBM HTTP Server used by WebSphere...

CVSS 4.3, AI score 3.6, EPSS 0.9986
Exploits 0, Affected Software 4

ATTACKERKB
added 2022/09/07 12:00 a.m., 1 views

CVE-2022-34165

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various attacks against the vulnerable system, including...

CVSS 5.4, AI score 6, EPSS 0.00429
Exploits 0, References 3, Affected Software 2

OSV
added 2019/02/19 5:29 p.m., 2 views

CVE-2018-1996

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security, caused by the improper TLS configuration. A remote attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 154650...

CVSS 5.3, AI score 5.8, EPSS 0.01142
Exploits 0, References 3

ATTACKERKB
added 2016/08/08 1:59 a.m., 0 views

CVE-2016-2960

IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.0.x before 8.0.0.13, 8.5.0.x before 8.5.5.10, 8.5.0.x and 16.0.0.x Liberty before Liberty Fix Pack 16.0.0.3, and 9.0.0.x before 9.0.0.1 allows remote attackers to cause a denial of service via crafted SIP messages...

CVSS 4.3, AI score 5.6, EPSS 0.39584
Exploits 0, References 5

OSV
added 2009/07/14 11:30 p.m., 10 views

CVE-2009-0217

The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0...

CVSS 5, AI score 6, EPSS 0.06348
Exploits 0, References 93