Vulnerabilities > IBM > Websphere Application Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-03 | CVE-2022-39161 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty, when configured to communicate with the Web Server Plug-ins for IBM WebSphere Application Server, could allow an authenticated user to conduct spoofing attacks. | 5.3 |
| 2023-04-29 | CVE-2023-30441 | Unspecified vulnerability in IBM products IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. | 7.5 |
| 2023-04-27 | CVE-2023-24966 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. | 6.1 |
| 2023-04-02 | CVE-2023-26283 | Unspecified vulnerability in IBM Websphere Application Server 9.0 IBM WebSphere Application Server 9.0 is vulnerable to cross-site scripting. | 5.4 |
| 2023-02-03 | CVE-2023-23477 | Unspecified vulnerability in IBM Websphere Application Server 8.5/9.0 IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects. | 9.8 |
| 2023-01-26 | CVE-2022-43917 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Websphere Application Server 8.5/9.0 IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. | 7.5 |
| 2022-11-11 | CVE-2022-40750 | Cross-site Scripting vulnerability in IBM Websphere Application Server 8.5/9.0 IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. | 5.4 |
| 2022-11-03 | CVE-2022-38712 | Authentication Bypass by Spoofing vulnerability in IBM Websphere Application Server "IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the-middle attacker to conduct SOAPAction spoofing to execute unwanted or unauthorized operations. | 5.9 |
| 2022-09-28 | CVE-2022-35282 | Server-Side Request Forgery (SSRF) vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery (SSRF). | 6.5 |
| 2022-09-13 | CVE-2022-34336 | Cross-site Scripting vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. | 5.4 |