
74 matches found

NVD
added yesterday, 5 views

CVE-2026-11708

IBM WebSphere Application Server 9.0 and 8.5 are affected by a cross-site scripting vulnerability in the administrative console's integrated help system...

CVSS 9.3
Exploits 0, References 1
NVD
added 6 days ago, 6 views

CVE-2026-47153

In EmberZNet v9.0.2 and earlier, a malformed Level Control Step command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted...

CVSS 7.1, EPSS 0.00249
Exploits 0, References 2
ATTACKERKB
added 2026/06/22 2:46 p.m., 3 views

CVE-2026-9006

IBM WebSphere Application Server 9.0 and 8.5 are vulnerable to server-side request forgery (SSRF) with the Ajax Proxy configured. This may allow an attacker to send unauthorized requests from the system, resulting in a security bypass or information disclosure...

CVSS 7.4, AI score 5.8, EPSS 0.00221
Exploits 0, References 2, Affected Software 1
IBM Security Bulletins
added 2026/06/16 3:21 p.m., 4 views

Security Bulletin: IBM WebSphere Application Server is affected by an authentication bypass vulnerability (CVE-2026-10845)

Summary: IBM WebSphere Application Server is affected by an authentication bypass when a JAX-WS application is deployed. Vulnerability Details: CVEID: CVE-2026-10845. DESCRIPTION: IBM WebSphere Application Server could allow a remote attacker to bypass authentication and gain unauthorized access to...

CVSS 7.3, AI score 5.4, EPSS 0.00337
Exploits 0, Affected Software 1
EUVD
added 2026/06/01 5:49 p.m., 13 views

EUVD-2026-33735

IBM WebSphere Application Server 9.0 and 8.5 are vulnerable to remote code execution caused by the bypass of security controls...

CVSS 9, AI score 6.4, EPSS 0.00489
Exploits 0, References 1
Vulnrichment
added 2026/06/01 5:49 p.m., 10 views

CVE-2026-9311 IBM WebSphere Application Server is affected by remote code execution

IBM WebSphere Application Server 9.0 and 8.5 are vulnerable to remote code execution caused by the bypass of security controls...

CVSS 9, AI score 6.4, EPSS 0.00489
Exploits 0, References 1
IBM Security Bulletins
added 2026/05/29 9:0 a.m., 8 views

Security Bulletin: There is a vulnerability in bcprov-jdk18on-1.81.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-14813)

Summary: There is a vulnerability in bcprov-jdk18on-1.81.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details: CVEID: CVE-2025-14813. DESCRIPTION: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA...

CVSS 9.9, AI score 7.1, EPSS 0.00691
Exploits 0, Affected Software 1
IBM Security Bulletins
added 2026/05/28 7:28 p.m., 15 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server

Summary: IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM HTTP Server has been published in a security bulletin CVE-2026-8834, CVE-2026-8852, CVE-2026-8856, CVE-2026-8850, CVE-2026-8854, CVE-2026-8855, CVE-2026-8835,...

CVSS 9.8, AI score 5.9, EPSS 0.00488
Exploits 1, Affected Software 1
NVD
added 2026/05/26 6:16 p.m., 20 views

CVE-2026-8856

IBM HTTP Server 8.5 and 9.0 are vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration...

CVSS 9.1, EPSS 0.00197
Exploits 0, References 1
Cvelist
added 2026/05/26 4:56 p.m., 34 views

CVE-2026-8856 IBM HTTP Server is affected by multiple vulnerabilities

IBM HTTP Server 8.5 and 9.0 are vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration...

CVSS 7.7, EPSS 0.00197
Exploits 0, References 1
CVE
added 2026/05/26 4:56 p.m., 18 views

CVE-2026-8856

IBM HTTP Server 8.5 and 9.0 are affected by CVE-2026-8856, a denial-of-service condition triggered when an attacker with write access to parts of the server configuration can consume resources. The IBM Security Bulletin lists this CVE among multiple vulnerabilities in IBM HTTP Server (bundled wit...

CVSS 9.1, AI score 5.8, EPSS 0.00197
Exploits 0, References 1, Affected Software 1
EUVD
added 2026/05/26 4:54 p.m., 13 views

EUVD-2026-31894

IBM HTTP Server 8.5 and 9.0 are vulnerable to denial of service via the optional module modibmupload...

CVSS 7.5, AI score 5.8, EPSS 0.0038
Exploits 0, References 1
ATTACKERKB
added 2026/05/26 4:54 p.m., 11 views

CVE-2026-8850

IBM HTTP Server 8.5 and 9.0 are vulnerable to denial of service via the optional module modibmupload...

CVSS 7.5, AI score 5.8, EPSS 0.0038
Exploits 0, References 2, Affected Software 1
CNNVD
added 2026/05/26 12:0 a.m., 7 views

IBM HTTP Server security vulnerability

IBM HTTP Server is an enterprise-level web server software developed by International Business Machines (IBM). Versions 8.5 and 9.0 of IBM HTTP Server contain security vulnerabilities; these vulnerabilities stem from the optional module modfastcgi, which may lead to denial-of-service attacks...

CVSS 7.5, AI score 5.8, EPSS 0.00197
Exploits 0, References 1
CNNVD
added 2026/05/26 12:0 a.m., 11 views

IBM HTTP Server security vulnerability

IBM HTTP Server is an enterprise-level web server software developed by International Business Machines (IBM). Versions 8.5 and 9.0 of IBM HTTP Server contain security vulnerabilities. These vulnerabilities stem from invalid pointer dereferencing, which could allow privileged users to disclose...

CVSS 7.3, AI score 5.8, EPSS 0.00252
Exploits 0, References 1
CNNVD
added 2026/05/26 12:0 a.m., 9 views

IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty environment issue vulnerability

IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty are web server integration plugins developed by IBM. Versions 8.5 and 9.0 of these plugins contain environment issue vulnerabilities. These vulnerabilities stem from improper input validation, which may lead...

CVSS 9.8, AI score 6.1, EPSS 0.00488
Exploits 0, References 2
ATTACKERKB
added 2026/04/21 8:35 p.m., 8 views

CVE-2026-35235

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

CVSS 4.9, AI score 5.7, EPSS 0.00299
Exploits 0, References 2, Affected Software 1
Positive Technologies
added 2026/04/21 12:0 a.m., 11 views

PT-2026-34128

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.0 through 8.0.45; MySQL Server versions 8.4.0 through 8.4.8; MySQL Server versions 9.0.0 through 9.6.0. Description: An issue in the InnoDB component of MySQL Server allows a high privileged attacker with network access v...

CVSS 6.5, AI score 7.2, EPSS 0.00323
Exploits 0, References 126
CVE
added 2026/04/01 8:54 p.m., 11 views

CVE-2026-4820

CVE-2026-4820 affects IBM Maximo Application Suite 9.1, 9.0, 8.11, and 8.10, where authorization tokens or session cookies are not marked with the Secure attribute. This can allow an unauthenticated attacker to steal cookie values by directing users to an http link and monitoring traffic, enablin...

CVSS 4.3, AI score 5.8, EPSS 0.00118
Exploits 0, References 1, Affected Software 1
Vulnrichment
added 2026/04/01 8:54 p.m., 3 views

CVE-2026-4820 IBM Maximo Application Suite was vulnerable to because Cookie ltpatoken2_<workspace_name> was not set with secure flag

IBM Maximo Application Suite 9.1, 9.0, 8.11, and 8.10 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending an http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to th...

CVSS 4.3, AI score 5.8, EPSS 0.00118
Exploits 0, References 1