Lucene search
K

13360 matches found

Tenable Nessus
Tenable Nessus
added 2022/09/14 12:0 a.m.33 views

IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.5 (6598349)

The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the 6598349 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported...

7.1CVSS6.1AI score0.06886EPSS
Exploits0References11
NVD
NVD
added 2022/09/13 9:15 p.m.8 views

CVE-2022-34336

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...

5.4CVSS0.00412EPSS
Exploits0References2
OSV
OSV
added 2022/09/13 9:15 p.m.3 views

CVE-2022-34336

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...

5.4CVSS5.1AI score0.00412EPSS
Exploits0References2
Prion
Prion
added 2022/09/13 9:15 p.m.15 views

Cross site scripting

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...

4.9CVSS5.3AI score0.00412EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/09/13 8:45 p.m.75 views

CVE-2022-34336

CVE-2022-34336 affects IBM WebSphere Application Server: versions 7.0, 8.0, 8.5, and 9.0 are vulnerable to cross‑site scripting in the Admin Console, enabling embedding of arbitrary JavaScript in the Web UI and potentially exposing credentials within a trusted session. Multiple IBM bulletins cons...

5.4CVSS5.1AI score0.00412EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/13 8:45 p.m.14 views

CVE-2022-34336

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...

5.4CVSS5.4AI score0.00412EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/13 6:55 p.m.21 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2022-34336)

Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

5.5AI score0.00412EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/13 4:18 p.m.24 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Tivoli Netcool Impact (CVE-2022-22475)

Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details...

5.7AI score0.00564EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/13 1:55 p.m.33 views

Security Bulletin: Identity Spoofing vulnerability in IBM WebSphere Application Server Liberty affects IBM Operations Analytics - Log Analysis (CVE-2022-22476)

Summary IBM WebSphere Application Server Liberty is vulnerable to identity spoofing with the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0 or appSecurity-4.0 feature enabled. This has been addressed. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server...

6.6AI score0.00642EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/13 1:41 p.m.32 views

Security Bulletin: Identity Spoofing vulnerability in IBM WebSphere Application Server Liberty affects IBM Operations Analytics - Log Analysis (CVE-2022-22475)

Summary IBM WebSphere Application Server Liberty is vulnerable to identity spoofing with the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0 or appSecurity-4.0 feature enabled. This has been addressed. Vulnerability Details CVEID:CVE-2022-22475 DESCRIPTION: IBM WebSphere Application Server...

5.8AI score0.00564EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/13 12:35 p.m.181 views

Security Bulletin: Vulnerabilities in openSSL and WebSphere Liberty affect IBM WIoTP MessageGateway (CVE-2022-22476 CVE-2019-11777 CVE-2022-22475 CVE-2022-2097 CVE-2022-2068 CVE-2022-1292)

Summary There is a vulnerabilities in OpenSSL and WebSphere Liberty that affect IBM WIoTP MessageGateway. Vulnerability Details CVEID:CVE-2022-2097 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by improper encryption of data by the AES OCB mode for...

9.2AI score0.95764EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/13 8:52 a.m.29 views

Security Bulletin: An identity spoofing vulnerability in IBM WebSphere Application Server Liberty affects CICS Transaction Gateway

Summary An identity spoofing vulnerability exists in IBM WebSphere Application Server Liberty used by CICS Transaction Gateway. CICS Transaction Gateway has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-22475 DESCRIPTION: IBM WebSphere Application Server Liberty and Open...

5.6AI score0.00564EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/13 5:52 a.m.38 views

Security Bulletin: Vulnerabilities have been identified in IBM WebSphere Application Server Liberty shipped with IBM® Intelligent Operations Center [CVE-2021-23450]

Summary Vulnerabilities have been identified in IBM WebSphere Application Server Liberty 17.0.0.3 - 22.0.0.2 shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed in the applicable CV...

9.3AI score0.30367EPSS
Exploits1Affected Software1
NCSC
NCSC
added 2022/09/13 12:0 a.m.3 views

Vulnerability fixed in IBM WebSphere Application Server

IBM has fixed a vulnerability in WebSphere Application Server. An authenticated malicious person could exploit the vulnerability potentially exploit it to perform a cross-site scripting attack. Through such an attack, the malicious party could execute code in the browser of the victim and thus be...

5.4CVSS6.6AI score0.00412EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2022/09/13 12:0 a.m.4 views

PT-2022-22137 · Ibm · Ibm Websphere Application Server

Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server versions 7.0 through 9.0 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a...

5.4CVSS5.8AI score0.00412EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/12 11:34 p.m.25 views

Security Bulletin: IBM WebSphere Application Server Liberty for IBM i is vulnerable to identity spoofing with authenticated user and ability to bypass security restrictions due to Eclipse Paho Java client (CVE-2019-11777, CVE-2022-22476)

Summary IBM WebSphere Application Server Liberty for IBM i is vulnerable to identity spoofing by an authenticated user CVE-2022-22476 and the ability to bypass security restrictions due to Eclipse Paho Java client CVE-2019-11777 as described in the vulnerability details section. IBM i has address...

6.9AI score0.00827EPSS
Exploits0Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/12 10:9 p.m.26 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Case Manager (CVE-2022-34336)

Summary IBM WebSphere Application Server is shipped as a component of IBM Case Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

5.4AI score0.00412EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/12 5:0 p.m.31 views

Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, which are bundled with IBM WebSphere Hybrid Edition, are vulnerable to HTTP header injection (CVE-2022-34165)

Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, which are bundled with IBM WebSphere Hybrid Edition, are vulnerable to HTTP header injection CVE-2022-34165 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...

5.9AI score0.00441EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/12 4:58 p.m.26 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to HTTP header injection (CVE-2022-34165)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to HTTP header injection CVE-2022-34165 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...

5.9AI score0.00441EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/12 4:53 p.m.44 views

Security Bulletin: IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console (CVE-2022-34336)

Summary IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console. This has been addressed. Vulnerability Details CVEID:CVE-2022-34336 DESCRIPTION: IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed...

5.4AI score0.00412EPSS
Exploits0Affected Software1
Rows per page
Query Builder