13216 matches found
Security Bulletin: Multiple Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affects WebSphere eXtreme Scale
Summary There are multiple vulnerabilities in IBM Runtime Environment Java Version 8 used by WebSphere eXtreme Scale. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows an remote...
EUVD-2025-209021
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings...
EUVD-2025-209020
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is affected by privilege escalation. A privileged user could gain additional access to the application server...
EUVD-2026-15982
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery SSRF. This may allow remote attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating...
CVE-2026-1561
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery SSRF. This may allow remote attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating...
CVE-2025-14915
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is affected by privilege escalation. A privileged user could gain additional access to the application server...
CVE-2025-14917
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings...
CVE-2025-14917 IBM WebSphere Application Server Liberty could provide weaker than expected security
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings...
CVE-2025-14917
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings...
CVE-2025-14917 IBM WebSphere Application Server Liberty could provide weaker than expected security
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings...
CVE-2025-14915 IBM WebSphere Application Server Liberty is affected by a privilege escalation vulnerability
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is affected by privilege escalation. A privileged user could gain additional access to the application server...
CVE-2025-14915
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is affected by privilege escalation. A privileged user could gain additional access to the application server...
CVE-2025-14915 IBM WebSphere Application Server Liberty is affected by a privilege escalation vulnerability
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is affected by privilege escalation. A privileged user could gain additional access to the application server...
CVE-2025-14915
Summary of CVE-2025-14915 (IBM WebSphere Liberty) : IBM WebSphere Application Server Liberty (versions 17.0.0.3–26.0.0.3), including bundles of WebSphere Hybrid Edition, Enterprise Runtimes, or Cloud Pak for Applications, is affected by a privilege escalation when the restConnector-1.0 or restCon...
CVE-2026-1561
CVE-2026-1561 affects IBM WebSphere Application Server Liberty (versions 17.0.0.3 through 26.0.0.3). The flaw is a server-side request forgery (SSRF) in the samlWeb-2.0 feature that could allow a remote attacker to cause unauthorized requests from the vulnerable system (potential network enumerat...
CVE-2026-1561 IBM WebSphere Application Server Liberty Server-Side Request Forgery
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery SSRF. This may allow remote attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating...
CVE-2026-1561 IBM WebSphere Application Server Liberty Server-Side Request Forgery
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery SSRF. This may allow remote attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating...
CVE-2026-1561
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery SSRF. This may allow remote attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating...
Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, are bundled with WebSphere Remote Server, are affected by a denial of service due to jose4j (CVE-2024-29371)
Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server and IBM WebSphere Application Server Liberty has been published in a security...
Security Bulletin: IBM Engineering Test Management is affected by IBM WebSphere Application Server and Liberty are affected by SMTP injection(CVE-2025-7962)
Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by an SMTP injection vulnerability in the Jakarta Mail library. Following IBM® Engineering Lifecycle Management products are vulnerable to this attack, and addressed in this bulletin: IBM...