CVE-2026-8644

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing...

CVE-2026-9311

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

CVE-2026-8644

IBM WebSphere Application Server versions 9.0 and 8.5 are affected by CVE-2026-8644, an identity spoofing (authentication bypass) vulnerability (CWE-290) with CVSSv3.1 base score 9.1. Affected products: WebSphere Application Server 9.0 and 8.5. Root cause: identity spoofing leading to authenticat...

UTT HiPER 1200GW security vulnerabilities

UTT HiPER 1200GW is a wireless gateway device developed by UTT Corporation. Versions of UTT HiPER 1200GW prior to 2.5.3-170306 contained security vulnerabilities. These vulnerabilities were caused by incorrect operations with the strcpy function in the file/goform/formTaskEdit, which could lead t...

PT-2026-45542

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 9.0 IBM WebSphere Application Server version 8.5 Description An issue exists that allows for identity spoofing, where an attacker can impersonate another user or system identity. Recommendations At the...

PT-2026-45502

A weakness has been identified in Enderfga claw-orchestrator up to 3.5.5. This affects the function EmbeddedServer of the file src/embedded-server.ts of the component API Endpoint. This manipulation causes missing authentication. The attack may be initiated remotely. The exploit has been made...

IBM WebSphere Application Server (WAS) code injection vulnerability

IBM WebSphere Application Server WAS is an application server product developed by IBM. It serves as a platform for JavaEE and web services applications and forms the foundation of the IBM WebSphere software suite. Both the 9.0 and 8.5 versions of IBM WebSphere Application Server contained a code...

IBM WebSphere Application Server (WAS) security vulnerabilities

IBM WebSphere Application Server WAS is an application server product developed by IBM. It serves as a platform for JavaEE and web services applications, and it also forms the foundation of the IBM WebSphere software platform. Both versions of IBM WebSphere Application Server WAS, 9.0 and 8.5, ha...

PT-2026-45543

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

CVE-2024-56462 IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be restored and used to gain access to the underlying operating system...

CVE-2026-1718

IBM Db2 is vulnerable to a denial of service when autonomous transactions are enabled, affecting Db2 Server releases 11.5.0–11.5.9 and 12.1.0–12.1.4. The root cause is CWE-770 (Allocation of Resources Without Limits or Throttling). A specially crafted query can trigger the issue. Remediation invo...

WordPress plugin SVG Support 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

IBM QRadar 安全漏洞

IBM QRadar is a security information and event management platform developed by the American multinational company IBM. There are security vulnerabilities in the version of IBM QRadar 7.5.0 up to 7.5.0 UP15 Interim Fix 002. These vulnerabilities stem from privileged users uploading malicious back...

PT-2026-43685

IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be restored and used to gain access to the underlying operating system...

CVE-2026-8835

IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service...

EUVD-2026-31905

IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication client authentication...

EUVD-2026-31903

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration...

CVE-2026-8856 IBM HTTP Server is affected by multiple vulnerabilities

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration...

CVE-2026-8852 IBM HTTP Server is affected by multiple vulnerabilities

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modfastcgi module...

CVE-2026-8850

IBM HTTP Server 8.5 and 9.0 are affected by a denial-of-service through the optional module mod_ibm_upload. The NVD entry lists a CVSS 3.1 base score of 7.5 (HIGH) with network attack vector and no user interaction required, indicating the issue can be triggered remotely and could impact availabi...