Lucene search
K

2946 matches found

NVD
NVD
added 2026/06/22 4:16 p.m.11 views

CVE-2026-8858

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to remote code execution and denial of service in the WebSphere Web Server Plug-in component. This vulnerability can be exploited when an attacker impersonates the application server and sends crafted...

8.8CVSS0.0026EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/22 2:21 p.m.7 views

EUVD-2026-38286

IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server, and IBM WebSphere Application Server Liberty - when using Intelligent Management with the WebSphere WebServer Plug-in component - are vulnerable to remote code execution and denial of service. This vulnerability can be exploited when...

8.1CVSS6.5AI score0.00409EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 2:16 p.m.33 views

CVE-2026-8858 WebSphere Application Server is Affected By Denial of Service, HTTP Request Smuggling, and Remote Code Execution Vulnerabilities in IBM WebSphere Application Server Liberty [, , , , ]

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to remote code execution and denial of service in the WebSphere Web Server Plug-in component. This vulnerability can be exploited when an attacker impersonates the application server and sends crafted...

7.5CVSS0.0026EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 2:16 p.m.4 views

CVE-2026-8858

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to remote code execution and denial of service in the WebSphere Web Server Plug-in component. This vulnerability can be exploited when an attacker impersonates the application server and sends crafted...

8.8CVSS6.5AI score0.0026EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/22 2:16 p.m.7 views

EUVD-2026-38284

IBM i 7.6, 7.5, 7.4, and 7.3, IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to remote code execution and denial of service in the WebSphere Web Server Plug-in component. This vulnerability can be exploited when an attacker impersonates the applicatio...

7.5CVSS6.5AI score0.0026EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.19 views

PT-2026-51374

Name of the Vulnerable Software and Affected Versions IBM i versions 7.3 through 7.6 IBM WebSphere Application Server affected versions not specified IBM WebSphere Application Server Liberty affected versions not specified Description A denial of service issue exists in the WebSphere WebServer...

7.5CVSS5.8AI score0.00271EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.10 views

PT-2026-51350

Name of the Vulnerable Software and Affected Versions IBM i versions 7.3 through 7.6 IBM WebSphere Application Server affected versions not specified IBM WebSphere Application Server Liberty affected versions not specified Description Remote code execution and denial of service are possible when...

9.8CVSS6.3AI score0.00409EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.8 views

PT-2026-51346

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server affected versions not specified IBM WebSphere Application Server Liberty affected versions not specified IBM i versions 7.3 through 7.6 Description The WebSphere Web Server Plug-in component is susceptible to...

8.8CVSS6.4AI score0.0026EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505i2cprobe During device booting, the HPD interrupt might be triggered before the DRM subsystem registers it6505 as a DRM bridge. In such cases, the driver attempts to access the...

5.2AI score0.00198EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A use-after-free vulnerability exists in the Linux kernel’s net/sched: schqfq component, which can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers a use-after-free in qfqdequeue, due to the incorrect .pe...

7.8CVSS6.6AI score0.00396EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: Only trigger DRM HPD events if the bridge is attached. The MediaTek DisplayPort interface bridge driver starts its interrupts as soon as it is probed. However, when the interrupts are triggered, the bridge might...

5.5CVSS5.3AI score0.00135EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in wpa, pupnp-1.8

The Open Connectivity Foundation’s UPnP specification prior to April 17, 2020, does not prohibit the acceptance of a subscription request with a delivery URL located in a different network segment than the fully qualified event-subscription URL. This is known as the “CallStranger” issue...

7.8CVSS6.7AI score0.15193EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: PNP: The memory leak caused by the name of devices being allocated dynamically has been fixed in pnpallocdev. After the commit 1fa5ae857bb1 “Driver core: get rid of struct device’s busid string array”, the name of devices is now...

5.5CVSS5.3AI score0.0015EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: A fix was made to the NULL pointer dereference in dwc3gadgetsuspend. In current scenarios where “Plug-out” and “Plug-In” operations are performed continuously, there is a possibility that a NULL pointer...

5.5CVSS6AI score0.00258EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 7:17 a.m.4 views

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by multiple vulnerabilities when using the Web Server Plug-ins

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by multiple vulnerabilities when using the Web Server Plug-ins CVE-2026-9072, CVE-2026-8858, CVE-2026-10852 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

9.8CVSS5.3AI score0.00409EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/17 5:54 p.m.4 views

Security Bulletin: Vulnerabilities have been identified in WebSphere Application Server Web Server Plug-ins shipped with WebSphere Service Registry and Repository (CVE-2026-10852, CVE-2026-8858 and CVE-2026-9072)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository, and this contains the optional and separately installable Web Server Plug-ins component. Information about multiple remote code execution and denial of service vulnerabilities affecting...

9.8CVSS6.3AI score0.00409EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.11 views

IBM WebSphere Application Server 8.5.x < 8.5.5.30 / 9.x < 9.0.5.28 RCE (7276560)

The version of IBM WebSphere Application Server running on the remote host is affected by a remote code execution vulnerability as referenced in the 7276560 advisory. - IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, when using Intelligent Management with the...

9.8CVSS6.7AI score0.00409EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/16 12:50 p.m.5 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities when using the Web Server Plug-ins (CVE-2026-9072, CVE-2026-8858, CVE-2026-10852)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by remote code execution and a denial of service when using the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component. Vulnerability Details...

9.8CVSS6.3AI score0.00409EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.12 views

CVE-2026-45635

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS5.7AI score0.0052EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.10 views

CVE-2026-45599

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS5.7AI score0.0052EPSS
Exploits0References1
Rows per page
Query Builder