116 matches found

CVE
added yesterday, 7 views

CVE-2026-13759

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 ships three ObjectInputStream subclasses (WsObjectInputStream, ObjectStreamPool$ReusableInputStream, ObjectInputStreamResolver) that install no JEP-290 class filter; when Coherence is on the classpath, multiple RCE gadget chains including...

7.5 CVSS, 6.2 AI score
Exploits: 0, References: 1

EUVD
added yesterday, 5 views

EUVD-2026-40388

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 ships three ObjectInputStream subclasses (WsObjectInputStream, ObjectStreamPool$ReusableInputStream, ObjectInputStreamResolver) that install no JEP-290 class filter; when Coherence is on the classpath, multiple RCE gadget chains including...

7.5 CVSS, 6.2 AI score
Exploits: 0, References: 1

CVE
added yesterday, 8 views

CVE-2026-13772

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6's Object Query Language engine resolves attacker-supplied class names via Class.forName and invokes their constructors with no allow-list at three distinct sinks (SELECT NEW, enum literals, and reflection-based comparators); an authenticated remo...

7.5 CVSS, 6.1 AI score
Exploits: 0, References: 1

EUVD
added yesterday, 3 views

EUVD-2026-40387

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6's Object Query Language engine resolves attacker-supplied class names via Class.forName and invokes their constructors with no allow-list at three distinct sinks (SELECT NEW, enum literals, and reflection-based comparators); an authenticated remo...

7.5 CVSS, 6.1 AI score
Exploits: 0, References: 1

CVE
added yesterday, 8 views

CVE-2026-13773

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6: Approximately 50 generated CORBA stub classes in WebSphere eXtreme Scale's ogclient.jar call ORB.string_to_object on an attacker-controlled IOR string during Java deserialization, turning any unfiltered ObjectInputStream sink in WAS into outbound...

6 CVSS, 6.4 AI score
Exploits: 0, References: 1

EUVD
added yesterday, 4 views

EUVD-2026-40386

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6: Approximately 50 generated CORBA stub classes in WebSphere eXtreme Scale's ogclient.jar call ORB.string_to_object on an attacker-controlled IOR string during Java deserialization, turning any unfiltered ObjectInputStream sink in WAS into outbound...

6 CVSS, 6.4 AI score
Exploits: 0, References: 1

CVE
added yesterday, 14 views

CVE-2026-9002

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 could allow an adjacent attacker to cause a denial of service due to improper validation in the XDF decoder. The application processes deeply nested Protocol Buffers messages and attacker-controlled length prefixes without sufficient bounds...

6.5 CVSS, 5.8 AI score
Exploits: 0, References: 1

Cvelist
added yesterday, 5 views

CVE-2026-9002 IBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabled

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 could allow an adjacent attacker to cause a denial of service due to improper validation in the XDF decoder. The application processes deeply nested Protocol Buffers messages and attacker-controlled length prefixes without sufficient bounds...

6.5 CVSS
Exploits: 0, References: 1

EUVD
added yesterday, 5 views

EUVD-2026-40379

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 could allow an adjacent attacker to cause a denial of service due to improper validation in the XDF decoder. The application processes deeply nested Protocol Buffers messages and attacker-controlled length prefixes without sufficient bounds...

6.5 CVSS, 5.8 AI score
Exploits: 0, References: 1

IBM Security Bulletins
added 2 days ago, 4 views

Security Bulletin: IBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabled

Summary IBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabled CVE-2026-9002 Vulnerability Details CVEID:CVE-2026-9002 DESCRIPTION: IBM WebSphere eXtreme Scale could allow an adjacent attacker to cause a denial of service due to improper validation in th...

6.5 CVSS, 5.8 AI score
Exploits: 0, Affected Software: 1

Tenable Nessus
added 2026/06/23 12:0 a.m., 8 views

IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7277387)

The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 7277387 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of...

7.5 CVSS, 6 AI score, 0.00358 EPSS
Exploits: 0, References: 7

IBM Security Bulletins
added 2026/06/22 2:28 p.m., 3 views

Security Bulletin: Multiple Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affects WebSphere eXtreme Scale

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Version 8 used by WebSphere eXtreme Scale. Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

7.5 CVSS, 7.2 AI score, 0.00358 EPSS
Exploits: 0, Affected Software: 1

Tenable Nessus
added 2026/03/27 12:0 a.m., 12 views

IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7267689)

The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 7267689 advisory. - In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual names o...

9.8 CVSS, 6.3 AI score, 0.00547 EPSS
Exploits: 1, References: 6

IBM Security Bulletins
added 2026/03/26 3:54 p.m., 4 views

Security Bulletin: Multiple Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affects WebSphere eXtreme Scale

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Version 8 used by WebSphere eXtreme Scale. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows an remote...

9.8 CVSS, 6.8 AI score, 0.00547 EPSS
Exploits: 1, Affected Software: 1

Tenable Nessus
added 2026/01/02 12:0 a.m., 5 views

IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7256003)

The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 7256003 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of...

7.5 CVSS, 7.4 AI score, 0.00633 EPSS
Exploits: 0, References: 3

IBM Security Bulletins
added 2025/12/30 1:30 p.m., 9 views

Security Bulletin: Multiple Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affects WebSphere eXtreme Scale

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Version 8 used by WebSphere eXtreme Scale. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high...

7.5 CVSS, 6.5 AI score, 0.00633 EPSS
Exploits: 0, Affected Software: 1

Tenable Nessus
added 2025/10/31 12:0 a.m., 3 views

IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7249244)

The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6. It is, therefore, affected by a vulnerability as referenced in the 7249244 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Scripting...

5.9 CVSS, 6.3 AI score, 0.00551 EPSS
Exploits: 0, References: 2

IBM Security Bulletins
added 2025/10/28 12:22 p.m., 6 views

Security Bulletin: A security vulnerability in IBM® Runtime Environment Java™ Technology Edition affects WebSphere eXtreme Scale

Summary IBM® SDK, Java™ Technology Edition bundled with IBM WebSphere eXtreme Scale is affected by security vulnerability. Vulnerability Details CVEID:CVE-2025-30761 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Scripting...

5.9 CVSS, 5.9 AI score, 0.00551 EPSS
Exploits: 0, Affected Software: 1

Tenable Nessus
added 2025/10/14 12:0 a.m., 5 views

IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7247893)

The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6 IBM. It is, therefore, affected by a vulnerability as referenced in the 7247893 advisory. - Relative Path Traversal vulnerability in Apache Commons VFS before 2.10.0. The FileObject API in Commons VFS has ...

7.5 CVSS, 6.7 AI score, 0.01277 EPSS
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2013-6536

Malware in sbrugna...

3.5 CVSS, 6.4 AI score, 0.00951 EPSS
Exploits: 0, References: 4