Websphere Application Server@8.5 Security Vulnerabilities and Issues — Page 3 of Websphere Application Server@8.5 CVE List

Lucene search

IbmWebsphere Application Server8.5

105 matches found

CVE•added 2024/11/04 8:15 p.m.•43 views

CVE-2024-45086

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources.

5.5CVSS5.3AI score0.00102EPSS

CVE•added 2024/10/15 10:15 p.m.•41 views

CVE-2024-45085

IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted request. A remote attacker could exploit this vulnerability to cause an error resulting in a denial of service.

7.5CVSS5.8AI score0.00076EPSS

CVE•added 2025/05/14 7:15 p.m.•39 views

CVE-2025-33104

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

7.6CVSS6.3AI score0.00039EPSS

CVE•added 2018/10/12 5:29 a.m.•32 views

CVE-2018-1838

IBM WebSphere Application Server 8.5 and 9.0 in IBM Cloud could allow a remote attacker to obtain sensitive information caused by improper handling of passwords. IBM X-Force ID: 150811.

6.5CVSS6.7AI score0.00129EPSS

CVE•added 2025/06/25 9:15 p.m.•29 views

CVE-2025-36038

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects.

9.8CVSS8AI score0.00171EPSS

Total number of security vulnerabilities105