The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of IBM WebSphere AS Traditional

WebSphere AS: Cross Site Scripting via OAuth Ear
An attacker can trigger a Cross Site Scripting via OAuth Ear of WebSphere AS, in order to run JavaScript code in the context of the web site...
CVE-2018-1794, ibm10729571, ibm10739949, VIGILANCE-VUL-27374
WebSphere AS: Cross Site Scripting via SAML Ear
An attacker can trigger a Cross Site Scripting via SAML Ear of WebSphere AS, in order to run JavaScript code in the context of the web site...
CVE-2018-1793, ibm10729563, ibm10739955, VIGILANCE-VUL-27373
WebSphere AS: information disclosure via TLS Downgrade
An attacker can bypass access restrictions to data via TLS Downgrade of WebSphere AS, in order to obtain sensitive information...
CVE-2018-1719, ibm10718837, ibm10733229, ibm10733287, ibm10743355, ibm10794423, VIGILANCE-VUL-27227
WebSphere AS: code execution via SOAP Connector
An attacker can use a vulnerability via SOAP Connector of WebSphere AS, in order to run code...
CVE-2018-1567, ibm10735293, swg22016254, VIGILANCE-VUL-27161
WebSphere AS: privilege escalation via Form Login
An attacker can bypass restrictions via Form Login of WebSphere AS, in order to escalate his privileges...
CVE-2018-1695, ibm10716523, VIGILANCE-VUL-27142
IBM Java: code execution via Attach API
An attacker can use a vulnerability via Attach API of IBM Java, in order to run code...
CERTFR-2018-AVI-544, CVE-2018-12539, ibm10725491, ibm10729349, ibm10730083, ibm10733905, ibm10735319, ibm10735325, ibm10738401, ibm10738997, ibm10742729, ibm10743193, ibm10743351, RHSA-2018:2568-01, RHSA-2018:2569-01, RHSA-2018:2575-01, RHSA-2018:2576-01, SUSE-SU-2018:2574-1, SUSE-SU-2018:2583-1, SUSE-SU-2018:2649-1, SUSE-SU-2018:2839-1, SUSE-SU-2018:3082-1, VIGILANCE-VUL-27093
IBM Java: directory traversal via DTFJ
An attacker can traverse directories via DTFJ of IBM Java, in order to read a file outside the service root path...
CERTFR-2018-AVI-544, CVE-2018-1656, ibm10725491, ibm10729349, ibm10730083, ibm10733905, ibm10735319, ibm10735325, ibm10738401, ibm10738997, ibm10742729, ibm10743193, ibm10743351, RHSA-2018:2568-01, RHSA-2018:2569-01, RHSA-2018:2575-01, RHSA-2018:2576-01, SUSE-SU-2018:2574-1, SUSE-SU-2018:2583-1, SUSE-SU-2018:2649-1, SUSE-SU-2018:2839-1, SUSE-SU-2018:3082-1, VIGILANCE-VUL-27092
Guava: denial of service via AtomicDoubleArray
An attacker can generate a fatal error via AtomicDoubleArray() of Guava, in order to trigger a denial of service...
CVE-2018-10237, ibm10795696, ibm10871804, RHSA-2018:2423-01, RHSA-2018:2424-01, RHSA-2018:2425-01, RHSA-2018:2740-01, RHSA-2018:2741-01, RHSA-2018:2742-01, RHSA-2018:2743-01, swg27048591, VIGILANCE-VUL-27021
Apache MyFaces: code execution via ViewState-ID Deserialization
An attacker can use a vulnerability via ViewState-ID Deserialization of Apache MyFaces, in order to run code...
ibm10716525, ibm10728095, MYFACES-4133, VIGILANCE-VUL-27015
Apache CXF: Man-in-the-Middle via com.sun.net.ssl
An attacker can act as a Man-in-the-Middle via com.sun.net.ssl on Apache CXF, in order to read or write data in the session...
cpujul2019, CVE-2018-8039, ibm10720065, ibm10734899, RHSA-2018:2276-01, RHSA-2018:2277-01, RHSA-2018:2423-01, RHSA-2018:2424-01, RHSA-2018:2425-01, RHSA-2018:3817-01, VIGILANCE-VUL-26852
Our database contains other pages. You can request a free trial to read them.

Display information about IBM WebSphere AS Traditional: