📦 WebSphere Application Server
by IBM
⚠️ Known Vulnerabilities
CVE-2025-36038 is a critical deserialization vulnerability in IBM WebSphere Application Server that allows remote attackers to execute arbitrary code by sending specially crafted serialized objects. T...
This vulnerability allows a privileged user in IBM WebSphere Application Server Liberty to upload a zip archive containing path traversal sequences, which can overwrite files and lead to arbitrary cod...
A stack-based buffer overflow vulnerability in IBM WebSphere Application Server allows attackers to cause denial of service by sending specially crafted requests that consume excessive memory. This af...
This vulnerability allows remote authenticated attackers with administrative console access to execute arbitrary code on IBM WebSphere Application Server. Attackers can exploit specially crafted input...
IBM WebSphere Application Server 8.5 and 9.0 have an identity spoofing vulnerability where authenticated users can impersonate other users due to improper signature validation. This allows attackers to...
This XML External Entity Injection (XXE) vulnerability in IBM WebSphere Application Server allows attackers to process malicious XML data, potentially exposing sensitive information, consuming memory ...
This vulnerability in IBM Runtime Environment Java Technology Edition's IBMJCEPlus and JSSE components could expose sensitive information due to cryptographic weaknesses. It affects IBM Java 8.0.7.0 t...
This vulnerability allows authenticated users to impersonate other users by sending specially crafted requests to IBM WebSphere Application Server Liberty and Open Liberty. Attackers can spoof identit...
This LDAP injection vulnerability in IBM WebSphere Application Server - Liberty allows authenticated remote attackers to manipulate LDAP queries through specially crafted requests. Successful exploita...
This vulnerability in IBM WebSphere Application Server allows remote attackers to cause a denial of service by sending specially crafted requests that consume all available CPU resources. Affected ver...
CVE-2021-29736 is a privilege escalation vulnerability in IBM WebSphere Application Server that allows a remote authenticated user to gain elevated privileges on the system. This affects WebSphere App...
IBM WebSphere Application Server versions 7.0-9.0 contain a privilege escalation vulnerability in the SAML Web Inbound Trust Association Interceptor (TAI). This allows authenticated users to gain elev...
This CVE describes an XML External Entity (XXE) injection vulnerability in IBM WebSphere Application Server, allowing remote attackers to read sensitive files from the server or cause denial of servic...
This XXE vulnerability in IBM WebSphere Application Server allows remote attackers to read arbitrary files from the server filesystem or cause denial of service through memory consumption. It affects ...
IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.2 have a security weakness in the Security Utility that could allow reduced security when administering security settings. Thi...
IBM WebSphere Application Server versions 9.0 and 8.5 have a security weakness in system administration security settings that could allow attackers to bypass intended security controls. This affects ...
This CVE describes a cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server and Liberty versions where improper input validation allows attackers to craft malicious URLs. When us...
IBM WebSphere Application Server Liberty versions 18.0.0.2 through 25.0.0.8 are vulnerable to a denial of service attack where a remote attacker can send specially crafted requests to cause excessive ...
IBM WebSphere Application Server 8.5 and 9.0 have a TLS security weakness that could allow attackers to downgrade or weaken TLS connections. This affects organizations using these versions for web app...
IBM WebSphere Application Server Liberty versions 17.0.0.3 through 25.0.0.8 contain a stored cross-site scripting vulnerability that allows privileged users to inject malicious JavaScript into the web...
IBM WebSphere Application Server Liberty versions 17.0.0.3 through 25.0.0.8 contain a vulnerability where JMS messaging configuration is not properly enforced, allowing remote attackers to bypass secu...
IBM WebSphere Application Server 8.5 and 9.0 contain an XML External Entity (XXE) vulnerability that allows privileged users to read arbitrary files from the server or cause denial of service through...
IBM WebSphere Application Server 8.5 and 9.0 contain a cross-site scripting (XSS) vulnerability that allows authenticated privileged users to inject malicious JavaScript into the web interface. This ...