Vulnerabilities > IBM > Websphere Application Server > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-15 | CVE-2024-45085 | Improper Check for Unusual or Exceptional Conditions vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted request. | 7.5 |
| 2024-08-14 | CVE-2023-50314 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks. | 7.5 |
| 2024-07-09 | CVE-2024-35154 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has authorized access to the administrative console, to execute arbitrary code. | 7.2 |
| 2024-06-20 | CVE-2024-37532 | Improper Verification of Cryptographic Signature vulnerability in IBM Websphere Application Server 8.5.0.0/9.0.0.0 IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to identity spoofing by an authenticated user due to improper signature validation. | 8.8 |
| 2024-04-25 | CVE-2024-25026 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 are vulnerable to a denial of service, caused by sending a specially crafted request. | 7.5 |
| 2024-04-17 | CVE-2024-22354 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.5 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 7.0 |
| 2024-04-04 | CVE-2024-27268 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.4 is vulnerable to a denial of service, caused by sending a specially crafted request. | 7.5 |
| 2024-03-31 | CVE-2024-22353 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 is vulnerable to a denial of service, caused by sending a specially crafted request. | 7.5 |
| 2023-08-16 | CVE-2023-38737 | Resource Exhaustion vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially-crafted request. | 7.5 |
| 2023-04-29 | CVE-2023-30441 | Unspecified vulnerability in IBM products IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. | 7.5 |