Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by arbitrary code execution (CVE-2025-36038)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by arbitrary code execution. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and Versions|...

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by arbitrary code execution (CVE-2025-36038)

Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by arbitrary code execution. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and Versions|...

Security Bulletin: Multiple vulnerabilities within WebSphere Application and IBM HTTP Server, affect IBM Tivoli Monitoring.

Summary Multiple vulnerabilities within WebSphere Application and IBM HTTP Server which is included as part of IBM Tivoli Monitoring ITM portal server have been remediated. Vulnerability Details CVEID:CVE-2025-33104 DESCRIPTION: IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to...

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM)

Summary WebSphere Application Server is shipped as a component of IBM Security Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent

Summary Vulnerabilities in IBM SDK Java Technology Edition that is shipped as part of agent framework in ITCAM for Applications WebSphere MQ Monitoring Agent. CVEs: CVE-2023-21830, CVE-2023-33850, CVE-2025-4447. Vulnerability Details CVEID:CVE-2023-21830 DESCRIPTION: An unspecified vulnerability ...

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Automation Workflow (CVE-2025-36038)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to a Denial of Service (CVE-2025-23184) due to the use of WebSphere Application Server Liberty

Summary IBM Virtualization Engine TS7700 is susceptible to a denial of service associated with the use of WebSphere Application Server Liberty CVE-2025-23184, which is used in its Management Interface. Under certain rare conditions, CachedOutputStream instances may not close properly. If these...

Security Bulletin: Due to the use of WebSphere Application Server traditional , the IBM Tivoli System Automation Application Manager is vulnerable to an arbitrary code execution vulnerability (CVE-2025-36038)

Summary A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager CVE-2025-36038 Vulnerability Details CVEID:CVE-2025-36038 DESCRIPTION: IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker ...

CVE-2025-36038

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects...

Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server

Summary IBM Db2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM Db2 have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affect...

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by arbitrary code execution

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by arbitrary code execution CVE-2025-36038 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions...

Security Bulletin: Vulnerability has been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2025-36038)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about an arbitrary code execution vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...

Vulnerability fixed in IBM WebSphere Application Server

IBM has fixed a vulnerability in IBM WebSphere Application Server Versions 8.5 and 9.0. The vulnerability is in the processing of specially crafted serialized objects. This problem can be exploited by attackers to execute arbitrary code on the server. IBM has released updates to fix the...

IBM WebSphere Application Server 8.5.x < 8.5.5.28 / 9.x < 9.0.5.25 (7237967)

The version of IBM WebSphere Application Server running on the remote host is affected by a vulnerability as referenced in the 7237967 advisory. - IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence o...

CVE-2025-36038

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects...

CVE-2025-36038

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects...

CVE-2025-36038

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects...

CVE-2025-36038

CVE-2025-36038 affects IBM WebSphere Application Server 8.5 and 9.0. A remote attacker could execute arbitrary code by sending a specially crafted sequence of serialized objects (Deserialization of Untrusted Data, CWE-502). CVSS v3.1 base score 9.0–9.8 (network, high impact to confidentiality, in...

CVE-2025-36038 IBM WebSphere Application Server code execution

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects...

CVE-2025-36038 IBM WebSphere Application Server code execution

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects...