Vulnerabilities > IBM > Websphere Application Server > 17.0.0.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-30 | CVE-2019-4304 | Session Fixation vulnerability in IBM Websphere Application Server IBM WebSphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation. | 6.3 |
| 2019-03-25 | CVE-2019-4046 | Resource Exhaustion vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by improper handling of request headers. | 7.5 |
| 2019-03-11 | CVE-2018-1902 | Information Exposure vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to spoof connection information which could be used to launch further attacks against the system. | 4.3 |
| 2018-10-31 | CVE-2018-1851 | Deserialization of Untrusted Data vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty OpenID Connect could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization. | 9.8 |
| 2018-09-26 | CVE-2018-1683 | Missing Encryption of Sensitive Data vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by the failure to encrypt ORB communication. | 7.5 |
| 2018-06-27 | CVE-2018-1553 | Information Exposure vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty prior to 18.0.0.2 could allow a remote attacker to obtain sensitive information, caused by mishandling of exceptions by the SAML Web SSO feature. | 7.5 |