CVE-2023-40368

IBM Storage Protect 8.1.0.0 through 8.1.19.0 could allow a privileged user to obtain sensitive information from the administrative command line client. IBM X-Force ID: 263456...

IBM WebSphere Application Server Remote Code Execution Vulnerability (CVE-2018-1904)

The IBM WebSphere Application Server running on the remote host is version 7.0.0.0 through 7.0.0.45, 8.0.0.0 through 8.0.0.15, 8.5.x prior to 8.5.5.15, or 9.0.0.x prior to 9.0.0.10. It is, therefore, affected by a remote code execution vulnerability that allows remote attackers to execute arbitra...

Security Bulletin: Potential Remote code execution vulnerability in WebSphere Application Server shipped with Jazz for Service Management (CVE-2018-1904)

Summary There is a potential remote code execution vulnerability in WebSphere Application Server CVE-2018-1904 Vulnerability Details CVEID: CVE-2018-1904 DESCRIPTION: IBM WebSphere Application Server could allow remote attackers to execute arbitrary Java code through an administrative client clas...

CVE-2018-1904

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute arbitrary Java code through an administrative client class with a serialized object from untrusted sources. IBM X-Force ID: 152533...

Code injection

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute arbitrary Java code through an administrative client class with a serialized object from untrusted sources. IBM X-Force ID: 152533...

CVE-2018-1904

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute arbitrary Java code through an administrative client class with a serialized object from untrusted sources. IBM X-Force ID: 152533...

CVE-2018-4854

A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to port 69/udp could modify the administrative client stored on the device. If a legitimate user downloads and executes the modified client from the affected device,...

Design/Logic Flaw

The BreakingPoint Storm appliance before 3.0 requires cleartext credentials for establishing a session from a GUI administrative client, which allows remote attackers to obtain sensitive information by sniffing the network for XML documents...