Lucene search
K

83 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/10/07 11:2 a.m.11 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2025-36099)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...

4.9CVSS6.6AI score0.00299EPSS
Exploits0Affected Software11
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/03 12:55 p.m.6 views

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by a denial of service

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by a denial of service CVE-2025-36099 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|-...

4.9CVSS6.2AI score0.00299EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/01 5:19 p.m.4 views

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow (CVE-2025-36099)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

4.9CVSS6.3AI score0.00299EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/05 10:58 a.m.9 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2025-48976)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...

7.5CVSS7.5AI score0.64718EPSS
Exploits1Affected Software11
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/29 1:57 a.m.6 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a vulnerability that could provide weaker than expected security (CVE-2025-33142)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a vulnerability that could provide weaker than expected security for TLS connections. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affect...

7.5CVSS6.2AI score0.00252EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/08/14 3:41 p.m.7 views

CVE-2025-33142 IBM WebSphere Application Server information disclosure

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections...

5.3CVSS0.00252EPSS
Exploits0References1
OSV
OSV
added 2025/08/07 4:15 p.m.1 views

CVE-2024-56339

IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 could allow a remote attacker to bypass security restrictions caused by a failure to honor security configuration...

7.5CVSS7.3AI score0.004EPSS
Exploits0References1
OSV
OSV
added 2025/07/16 6:15 p.m.3 views

CVE-2025-36097

IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service, caused by a stack-based overflow. An attacker can send a specially crafted request that cause the server to consume excessive memory resources...

7.5CVSS5.9AI score0.00399EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/25 12:0 a.m.5 views

IBM WebSphere Application Server 代码问题漏洞

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A code issue vulnerability exists in IBM WebSphere...

9.8CVSS6.8AI score0.08023EPSS
Exploits0References3
OSV
OSV
added 2024/11/11 5:15 p.m.2 views

CVE-2024-45087

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

4.8CVSS5.4AI score0.00238EPSS
Exploits0References1
OSV
OSV
added 2024/10/16 5:15 p.m.2 views

CVE-2024-45071

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

4.8CVSS5.5AI score0.00237EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/16 8:20 p.m.19 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to information disclosure (CVE-2023-50314)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to information disclosure. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and...

7.5CVSS6AI score0.00254EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/06/20 2:15 p.m.1 views

CVE-2024-37532

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to identity spoofing by an authenticated user due to improper signature validation. IBM X-Force ID: 294721...

8.8CVSS5.8AI score0.00353EPSS
Exploits0References2
OSV
OSV
added 2023/02/03 7:15 p.m.2 views

CVE-2023-23477

IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects. IBM X-Force ID: 245513...

9.8CVSS7.7AI score0.01949EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/30 5:31 p.m.95 views

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring Installed WebSphere Application Server including Log4j

Summary The following security issues has been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. Vulnerability Details CVEID:CVE-2021-45105 DESCRIPTION: Apache Log4j is vulnerable to a denial of service, caused by the failure to protect fr...

10CVSS10AI score0.99999EPSS
Exploits358Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/02 8:25 p.m.39 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled in IBM Cloud Pak for Applications, is vulnerable to denial of service due to GraphQL Java (CVE-2022-37734)

Summary IBM WebSphere Application Server Liberty, which is bundled in IBM Cloud Pak for Applications, is vulnerable to denial of service due to GraphQL Java CVE-2022-37734 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

7.5CVSS7.3AI score0.02121EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/08 12:9 a.m.525 views

Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server (CVE-2015-4000)

Summary The LogJam Attack on Diffie-Hellman ciphers CVE-2015-4000 may affect some configurations of IBM WebSphere Application Server Full Profile, IBM WebSphere Application Server Liberty Profile, and IBM WebSphere Application Server Hypervisor Edition. The IBM HTTP Server used by WebSphere...

4.3CVSS3.6AI score0.9986EPSS
Exploits1Affected Software4
ATTACKERKB
ATTACKERKB
added 2022/09/07 12:0 a.m.1 views

CVE-2022-34165

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various attacks against the vulnerable system, including...

5.4CVSS6AI score0.00458EPSS
Exploits0References3Affected Software2
ATTACKERKB
ATTACKERKB
added 2022/07/13 12:0 a.m.8 views

CVE-2022-22473

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console data. This information could be used in further attacks against the system. IBM X-Force ID: 225347...

5.3CVSS6.1AI score0.00819EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/07/30 12:15 p.m.2 views

CVE-2021-29736

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote user to gain elevated privileges on the system. IBM X-Force ID: 201300...

8.8CVSS6.3AI score0.01105EPSS
Exploits0References2
Rows per page
Query Builder