Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/06/22 2:16 p.m.45 views

CVE-2026-8858 WebSphere Application Server Remote Code Execution

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to remote code execution and denial of service in the WebSphere Web Server Plug-in component. This vulnerability can be exploited when an attacker impersonates the application server and sends crafted...

7.5CVSS0.0026EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/04 4:2 p.m.69 views

Security Bulletin: IBM HTTP Server is vulnerable to HTTP request splitting due to the included Apache HTTP Server (CVE-2023-25690)

Summary IBM HTTP Server used by IBM WebSphere Application Server is vulnerable to HTTP request splitting when using modproxy or the Web Server Plug-in due to the included Apache HTTP Server. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2023-25690 DESCRIPTION...

9.8CVSS9.4AI score0.8377EPSS
Exploits5Affected Software1
Prion
Prion
added 2012/05/01 7:55 p.m.20 views

Design/Logic Flaw

The Web Server Plug-in in IBM WebSphere Application Server WAS 8.0 and earlier uses unencrypted HTTP communication after expiration of the plugin-key.kdb password, which allows remote attackers to obtain sensitive information by sniffing the network, or spoof arbitrary servers via a...

6.8CVSS6.5AI score0.01241EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2012/05/01 7:0 p.m.19 views

CVE-2012-2162

The Web Server Plug-in in IBM WebSphere Application Server WAS 8.0 and earlier uses unencrypted HTTP communication after expiration of the plugin-key.kdb password, which allows remote attackers to obtain sensitive information by sniffing the network, or spoof arbitrary servers via a...

6.1AI score0.01241EPSS
Exploits0References3
seebug.org
seebug.org
added 2006/10/27 12:0 a.m.32 views

IBM多个产品未明信任书伪造漏洞

IBM包含多系列产品,如IBM Tivoli,IBM WebSphere等。 IBM多个产品存在信任书伪造问题,远程攻击者可以利用这个漏洞访问资源和数据或可能控制应用程序。 目前报告此问题可以使攻击者利用COOKIE或伪造其他信任用户未授权访问资源,目前没有详细漏洞细节提供。 IBM Tivoli Access Manager for e-business 5.1 IBM Tivoli Access Manager for e-business 4.1 IBM Tivoli Access Manager for e-business 3.9 IBM Tivoli Access Manag...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2006/02/04 12:0 a.m.60 views

[Full-disclosure] VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Remote Directory Traversal and File Retrieval Release Date: 2006-02-03...

5CVSS0.4AI score0.09278EPSS
Exploits1
Rows per page
Query Builder