Vulnerabilities > IBM > Websphere Application Server > 19.0.0.1

DATE CVE VULNERABILITY TITLE RISK
2020-05-06 CVE-2020-10693 Improper Input Validation vulnerability in multiple products
A flaw was found in Hibernate Validator version 6.1.2.Final.
network
low complexity
redhat ibm quarkus oracle CWE-20
5.3
5.3
2020-04-28 CVE-2020-4329 Information Exposure vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking.
network
low complexity
ibm CWE-200
4.0
4.0
2020-04-02 CVE-2020-4304 Cross-site Scripting vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting.
network
ibm CWE-79
4.3
4.3
2020-04-02 CVE-2020-4303 Cross-site Scripting vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting.
network
ibm CWE-79
4.3
4.3
2020-01-31 CVE-2019-4720 Allocation of Resources Without Limits or Throttling vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request.
network
low complexity
ibm CWE-770
5.0
5.0
2019-12-10 CVE-2019-4663 Cross-site Scripting vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server - Liberty is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2019-10-03 CVE-2019-4441 Information Exposure Through an Error Message vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser.
network
low complexity
ibm CWE-209
5.3
5.3
2019-09-30 CVE-2019-4305 Reliance on Cookies without Validation and Integrity Checking vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by the improper setting of a cookie.
network
low complexity
ibm CWE-565
5.3
5.3
2019-09-30 CVE-2019-4304 Session Fixation vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation.
network
low complexity
ibm CWE-384
6.3
6.3
2019-03-25 CVE-2019-4046 Resource Exhaustion vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by improper handling of request headers.
network
low complexity
ibm CWE-400
7.5
7.5