Lucene search
K

9874 matches found

Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.12 views

PT-2026-43363

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggling in the Web Server Plug-ins through a specially crafted request...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.8 views

IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty 环境问题漏洞

IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty are web server integration plugins developed by IBM. Versions 8.5 and 9.0 of these plugins contain environmental issues, which stem from vulnerabilities that can be exploited by HTTP request payload attacks...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.16 views

IBM WebSphere Application Server 8.5.x / 9.x RCE (7274072)

The version of IBM WebSphere Application Server running on the remote host is affected by a remote code execution vulnerability as referenced in the 7274072 advisory. - IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and...

9.8CVSS6.5AI score0.00847EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/05/23 6:27 p.m.64 views

icg-hackathon-api-server-exploits

No d...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.8 views

IBM WebSphere Application Server 8.5.x < 8.5.5.30 / 9.x < 9.0.5.28 / Liberty 19.0.0.7 < 26.0.0.6 DoS (7273424)

The version of IBM WebSphere Application Server running on the remote host is affected by a DoS vulnerability as referenced in the 7273424 advisory. - IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to a denial of service, caused by sending a...

7.5CVSS5.8AI score0.005EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.10 views

SAP NetWeaver AS ABAP Reflected XSS (3728690)

The version of SAP NetWeaver AS ABAP detected on the remote host is affected by a reflected cross-site scripting XSS vulnerability as referenced in SAP Security Note 3728690: - A reflected cross-site scripting XSS vulnerability exists in SAP NetWeaver Application Server ABAP Applications based on...

6.1CVSS5.9AI score0.00223EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.11 views

SAP NetWeaver AS ABAP Code Injection (3735359)

The version of SAP NetWeaver AS ABAP detected on the remote host is affected by a code injection vulnerability as referenced in SAP Security Note 3735359: - A code injection vulnerability exists in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform. An authenticated attacker with low...

4.3CVSS6AI score0.00255EPSS
Exploits0References3
CVE
CVE
added 2026/05/14 6:33 p.m.19 views

CVE-2026-27680

CVE-2026-27680 – CSS injection in SAP NetWeaver Application Server ABAP . Improper input handling allows injecting custom CSS into web pages served by the ABAP server; when a user loads or clicks the affected page, the CSS executes. The impact is described as low for confidentiality with no impac...

4.3CVSS5.8AI score0.00173EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.10 views

SAP NetWeaver Application Server ABAP 安全漏洞

SAP NetWeaver Application Server ABAP is a platform used by SAP, a German company, for the operation and development of applications written in the ABAP language. There is a security vulnerability in SAP NetWeaver Application Server ABAP, which arises from improper handling of inputs under certai...

3.1CVSS5.8AI score0.00173EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 3:31 a.m.8 views

EUVD-2026-29361

Due to a Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform, an authenticated attacker could send specially crafted inputs to the application. If processed by the application, this input could be delivered to users subscribed to the channel and result ...

4.3CVSS6.3AI score0.00255EPSS
Exploits0References3
NVD
NVD
added 2026/05/12 3:16 a.m.62 views

CVE-2026-40129

Due to a Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform, an authenticated attacker could send specially crafted inputs to the application. If processed by the application, this input could be delivered to users subscribed to the channel and result ...

4.3CVSS0.00255EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 2:21 a.m.81 views

CVE-2026-40135 OS Command Injection vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform

An OS Command Injection vulnerability exists in the SAP NetWeaver Application Server for ABAP and ABAP Platform that allows an authenticated attacker with administrative access to execute specially crafted shell commands on the server, bypassing the logging mechanism. This allows the execution of...

6.5CVSS0.01398EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/12 2:20 a.m.6 views

CVE-2026-40129

Due to a Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform, an authenticated attacker could send specially crafted inputs to the application. If processed by the application, this input could be delivered to users subscribed to the channel and result ...

4.3CVSS6.3AI score0.00255EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/12 2:20 a.m.7 views

CVE-2026-40129 Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform

Due to a Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform, an authenticated attacker could send specially crafted inputs to the application. If processed by the application, this input could be delivered to users subscribed to the channel and result ...

4.3CVSS6.3AI score0.00255EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.36 views

PT-2026-39923

Due to a Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform, an authenticated attacker could send specially crafted inputs to the application. If processed by the application, this input could be delivered to users subscribed to the channel and result ...

4.3CVSS6.3AI score0.00255EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Apache Tomcat 输入验证错误漏洞

Apache Tomcat is a lightweight web application server developed by the Apache Foundation in the United States. It supports Servlet and JavaServer Page JSP technologies. Vulnerabilities exist in versions of Apache Tomcat from 11.0.0-M1 to 11.0.21, 10.1.0-M1 to 10.1.54, 9.0.0.M1 to 9.0.117, and...

9.8CVSS5.8AI score0.01339EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.25 views

PT-2026-39928

Name of the Vulnerable Software and Affected Versions SAP NetWeaver Application Server for ABAP and ABAP Platform affected versions not specified Description An OS Command Injection issue allows an authenticated attacker with administrative access to execute specially crafted shell commands on th...

6.5CVSS6AI score0.01398EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/08 5:4 a.m.11 views

Security Bulletin: Due to the use of IBM WebSphere Application Server, IBM DevOps Code ClearCase is affected by multiple vulnerabilities.

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

6AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/07 6:1 p.m.18 views

Security Bulletin: Vulnerabilities have been identified in IBM® SDK, Java™ Technology Edition shipped with IBM Buinses Automation Workflow due to the April 2026 Java CPU

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about security vulnerabilities in IBM® SDK, Java™ Technology Edition affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability...

5.8AI score
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 5:37 a.m.7 views

Security Bulletin: Vulnerability in IBM WebSphere Application (CVE-2025-12635) affects IBM PowerVM Novalink.

Summary IBM WebSphere Libery Profile is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 ar...

5.4CVSS5.7AI score0.00139EPSS
Exploits0Affected Software1
Rows per page
Query Builder