5039 matches found
CVE-2026-8646 IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities
IBM WebSphere Application Server 9.0 and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are vulnerable to HTTP request smuggling. A remote attacker could smuggle a specially crafted request to the application server thereby allowing the attacker to bypass security...
EUVD-2026-38288
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to bypass authentication and gain unauthorized access to JAX-WS applications...
CVE-2026-8858
Summary: CVE-2026-8858 affects IBM WebSphere Web Server Plug-ins used with IBM WebSphere Application Server/Liberty and IBM HTTP Server. The vulnerability allows remote code execution and denial of service when an attacker impersonates the application server and sends crafted responses to the plu...
PT-2026-51351
Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 9.0 IBM WebSphere Application Server version 8.5 IBM WebSphere Application Server - Liberty versions 17.0.0.3 through 26.0.0.6 Description A denial of service issue exists where a remote attacker can se...
PT-2026-51349
Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 9.0 IBM WebSphere Application Server version 8.5 IBM WebSphere Application Server - Liberty versions 17.0.0.3 through 26.0.0.6 Description A denial of service issue exists where a remote attacker can se...
PT-2026-51348
Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 9.0 IBM WebSphere Application Server version 8.5 Description An issue exists when the Ajax Proxy is configured, which may allow an attacker to send unauthorized requests from the system. This server-sid...
Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by server-side request forgery
Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by server-side request forgery CVE-2026-9006 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Version...
Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by an authentication bypass vulnerability
Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by an authentication bypass vulnerability CVE-2026-10845 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...
Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by multiple vulnerabilities when using the Web Server Plug-ins
Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by multiple vulnerabilities when using the Web Server Plug-ins CVE-2026-9072, CVE-2026-8858, CVE-2026-10852 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...
Security Bulletin: Vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2026-10845, CVE-2026-8646, CVE-2026-9320, CVE-2026-9071 and CVE-2026-9006)
Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about multiple vulnerabilities affecting WebSphere Application Server have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in...
Security Bulletin: IBM WebSphere Application Server is affected by an identity spoofing vulnerability (CVE-2026-8644)
Summary IBM WebSphere Application Server is affected by an identity spoofing vulnerability. Vulnerability Details CVEID:CVE-2026-8644 DESCRIPTION: IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing. CWE:CWE-290: Authentication Bypass by Spoofing CVSS Source: IBM CVSS...
Security Bulletin: IBM WebSphere Application Server is affected by remote code execution (CVE-2026-9311, CVE-2026-9330)
Summary IBM WebSphere Application Server is affected by remote code execution. Vulnerability Details CVEID:CVE-2026-9330 DESCRIPTION: IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data during deserialization using the SAML Web Single Sign-On...
Security Bulletin: IBM WebSphere Application Server is affected by a remote code execution vulnerability (CVE-2026-9319)
Summary IBM WebSphere Application Server is affected by a remote code execution vulnerability when using JAX-WS endpoints with WS-Security. Vulnerability Details CVEID:CVE-2026-9319 DESCRIPTION: IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to...
Security Bulletin: IBM WebSphere Application Server is affected by an authentication bypass vulnerability (CVE-2026-10845)
Summary IBM WebSphere Application Server is affected by a an authentication bypass when a JAX-WS application is deployed. Vulnerability Details CVEID:CVE-2026-10845 DESCRIPTION: IBM WebSphere Application Server could allow a remote attacker to bypass authentication and gain unauthorized access to...
Security Bulletin: Security vulnerability has been found in WebSphere Application Server shipped with IBM Guardium Key Lifecycle Manager (SKLM/GKLM)
Summary WebSphere Application Server is shipped as a component of IBM Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details CVEID:CVE-2026-9319 DESCRIPTION:...
Security Bulletin: Security vulnerability has been identified in WebSphere Application Server shipped with IBM Guardium Key Lifecycle Manager (SKLM/GKLM)
Summary WebSphere Application Server is shipped as a component of IBM Guardium Key Lifecycle Manager SKLM/GKLM. Information about security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details CVEID:CVE-2026-9330 DESCRIPTION:...
Security Bulletin: Security vulnerability has been found in WebSphere Application Server shipped with IBM Guardium Key Lifecycle Manager (SKLM/GKLM)
Summary WebSphere Application Server is shipped as a component of IBM Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details CVEID:CVE-2026-8644 DESCRIPTION: IBM...
Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server is affected by multiple vulnerabilities when using when using Web Server Plug-ins.
Summary The security issue described in CVE-2026-8633, CVE-2026-8620 has been identified in WebSphere Application Server included as part of IBM Tivoli Composite Application Manager for Application Diagnostics. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...
Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server is affected by an identity spoofing vulnerability
Summary The security issue described in CVE-2026-8644 has been identified in WebSphere Application Server included as part of IBM Tivoli Composite Application Manager for Application Diagnostics. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affecte...
Security Bulletin: Multiple vulnerabilities due to libexpat have been identified in IBM HTTP Server used by IBM Rational ClearQuest
Summary IBM HTTP Server IHS is used by the IBM Rational ClearQuest server and web components. Information about security vulnerabilities affecting IHS have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...