Vulnerabilities > IBM > Websphere Portal > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-11-14 | CVE-2015-7419 | Resource Management Errors vulnerability in IBM Websphere Portal 8.0.0.1/8.5.0.0 IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows remote attackers to cause a denial of service (memory consumption) via crafted requests. | 7.8 |
2015-09-14 | CVE-2015-1943 | Resource Management Errors vulnerability in IBM Websphere Portal IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request. | 7.8 |
2015-05-25 | CVE-2015-1899 | Resource Management Errors vulnerability in IBM Websphere Portal 8.5.0.0 IBM WebSphere Portal 8.5 through CF05 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | 7.8 |
2015-04-27 | CVE-2015-1886 | Resource Management Errors vulnerability in IBM Websphere Portal The Remote Document Conversion Service (DCS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF16, and 8.5.0 through CF05 allows remote attackers to cause a denial of service (memory consumption) via crafted requests. | 7.8 |
2014-07-29 | CVE-2014-3055 | SQL Injection vulnerability in IBM products SQL injection vulnerability in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2014-05-16 | CVE-2014-0918 | Path Traversal vulnerability in IBM Websphere Portal Directory traversal vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1 CF06 allows remote attackers to read arbitrary files via a crafted URL. | 7.1 |
2010-04-12 | CVE-2010-1348 | Security vulnerability in IBM WebSphere Portal Login Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6.1.0.3 Cumulative Fix 03, has unknown impact and remote attack vectors. | 7.5 |
2009-12-02 | CVE-2009-4153 | Cross-Site Scripting vulnerability in IBM Websphere Portal 6.1.0.0/6.1.0.1/6.1.0.2 Unspecified vulnerability in the XMLAccess component in IBM WebSphere Portal 6.1.x before 6.1.0.3 has unknown impact and attack vectors, related to the work directory. | 7.5 |
2008-08-04 | CVE-2008-3423 | Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Portal IBM WebSphere Portal 5.1 through 6.1.0.0 allows remote attackers to bypass authentication and obtain administrative access via unspecified vectors. | 7.5 |