IBM WebSphere Application Server 8.5.x < 8.5.5.30 / 9.x < 9.0.5.29 XSS (7277546)

The version of IBM WebSphere Application Server running on the remote host is affected by a XSS vulnerability as referenced in the 7277546 advisory. - IBM WebSphere Application Server is affected by a cross-site scripting vulnerability in the administrative console login page. CWE: CWE-79: Improp...

Security Bulletin: IBM WebSphere Application Server is affected by an authentication bypass vulnerability (CVE-2026-10845)

Summary IBM WebSphere Application Server is affected by a an authentication bypass when a JAX-WS application is deployed. Vulnerability Details CVEID:CVE-2026-10845 DESCRIPTION: IBM WebSphere Application Server could allow a remote attacker to bypass authentication and gain unauthorized access to...

CVE-2026-48883

Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce = 8.5.3 versions...

EUVD-2026-33735

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

CVE-2026-9311 IBM WebSphere Application Server is affected by remote code execution

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

CVE-2026-9311 IBM WebSphere Application Server is affected by remote code execution

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...

Security Bulletin: Multiple Vulnerabilities have been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server

Summary IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM HTTP Server have been published in a security bulletin CVE-2026-8834, CVE-2026-8852, CVE-2026-8856, CVE-2026-8850, CVE-2026-8854, CVE-2026-8855, CVE-2026-8835,...

CVE-2026-8856

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration...

CVE-2026-8834

IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service...

CVE-2026-9170 IBM HTTP Server is affected by multiple vulnerabilities

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service and a potential remote code execution due to improper input validation...

CVE-2026-8856

IBM HTTP Server 8.5 and 9.0 are affected by CVE-2026-8856, a denial-of-service condition triggered when an attacker with write access to parts of the server configuration can consume resources. The IBM Security Bulletin lists this CVE among multiple vulnerabilities in IBM HTTP Server (bundled wit...

CVE-2026-8856 IBM HTTP Server is affected by multiple vulnerabilities

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration...

EUVD-2026-31896

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modfastcgi module...

EUVD-2026-31894

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modibmupload...

CVE-2026-8850

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modibmupload...

IBM HTTP Server 安全漏洞

IBM HTTP Server is an enterprise-level web server software developed by International Business Machines IBM. Versions 8.5 and 9.0 of IBM HTTP Server contain security vulnerabilities; these vulnerabilities stem from the optional module modfastcgi, which may lead to denial-of-service attacks...

PT-2026-43367

Name of the Vulnerable Software and Affected Versions IBM HTTP Server version 8.5 IBM HTTP Server version 9.0 Description An issue exists that allows a denial of service via the optional module mod mem cache. Recommendations Restrict the use of the mod mem cache module to minimize the risk of...

IBM HTTP Server 安全漏洞

IBM HTTP Server is an enterprise-level web server software developed by International Business Machines IBM. Versions 8.5 and 9.0 of IBM HTTP Server contain security vulnerabilities. These vulnerabilities stem from invalid pointer dereferencing, which could allow privileged users to disclose...

IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty 环境问题漏洞

IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty are web server integration plugins developed by IBM. Versions 8.5 and 9.0 of these plugins contain environmental issues vulnerabilities. These vulnerabilities stem from improper input validation, which may lead...

CVE-2026-7568

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...