Vulnerabilities > IBM > Websphere Application Server > 8.5.5.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-17 | CVE-2019-4442 | Path Traversal vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9,0 could allow a remote attacker to traverse directories on the file system. | 4.3 |
2019-09-17 | CVE-2019-4271 | Improper Input Validation vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin console is vulnerable to a Client-side HTTP parameter pollution vulnerability. | 3.5 |
2019-09-17 | CVE-2019-4270 | Cross-site Scripting vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site scripting. | 5.4 |
2019-09-17 | CVE-2019-4268 | Path Traversal vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. | 5.3 |
2019-05-17 | CVE-2019-4279 | Deserialization of Untrusted Data vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. | 9.8 |
2019-04-02 | CVE-2019-4080 | Resource Exhaustion vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Admin Console 7.5, 8.0, 8.5, and 9.0 is vulnerable to a potential denial of service, caused by improper parameter parsing. | 6.5 |
2019-03-25 | CVE-2019-4046 | Resource Exhaustion vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by improper handling of request headers. | 7.5 |
2019-03-11 | CVE-2018-1902 | Information Exposure vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to spoof connection information which could be used to launch further attacks against the system. | 4.0 |
2019-03-06 | CVE-2019-4030 | Cross-site Scripting vulnerability in IBM products IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. | 5.4 |
2019-02-19 | CVE-2018-1996 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security, caused by the improper TLS configuration. | 3.5 |