Page 10 of 66 results (0.005 seconds)

CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0

IBM WebSphere Portal 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote attackers to obtain sensitive Java Content Repository (JCR) information via a crafted request. Vulnerabilidad en el portal de IBM WebSphere 7.0.0 hasta 7.0.0.2 CF29, 8.0.0 anteriores a 8.0.0.1 CF17 y del 8.5.0 anteriores a CF06, que permite a atacantes remotos obtener informacion sensible del Repositorio de Contenido de Java (JCR) a través de una petición manipulada. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI36150 http://www-01.ibm.com/support/docview.wss?uid=swg21958024 http://www.securityfocus.com/bid/75475 http://www.securitytracker.com/id/1032970 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0

Open redirect vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF17 and 8.5.0 before CF06 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. Vulnerabilidad de redirección abierta en IBM WebSphere Portal 8.0.0 anterior a 8.0.0.1 CF17 y 8.5.0 anterior a CF06 permite a atacantes remotos redirigir usuarios hacia sitios web arbitrarios y realizar ataques de phishing a través de una URL manipulada. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI38632 http://www-01.ibm.com/support/docview.wss?uid=swg21884060 http://www.securityfocus.com/bid/74705 •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

IBM WebSphere Portal 8.5 through CF05 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. IBM WebSphere Portal 8.5 hasta CF05 permite a atacantes remotos causar una denegación de servicio (consumo de CPU) a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI37139 http://www-01.ibm.com/support/docview.wss?uid=swg21700066 • CWE-399: Resource Management Errors •

CVSS: 4.3EPSS: 0%CPEs: 17EXPL: 0

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF16, and 8.5.0 through CF05, as used in Web Content Manager and other products, allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Vulnerabilidad de XSS en IBM WebSphere Portal 6.1.0 hasta 6.1.0.6 CF27, 6.1.5 hasta 6.1.5.3 CF27, 7.0.0 hasta 7.0.0.2 CF29, 8.0.0 hasta 8.0.0.1 CF16, y 8.5.0 hasta CF05, utilizado en Web Content Manager y otros productos, permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de una URL manipulada. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI37661 http://www-01.ibm.com/support/docview.wss?uid=swg21701566 http://www.securityfocus.com/bid/74218 http://www.securitytracker.com/id/1032189 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0

The Remote Document Conversion Service (DCS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF16, and 8.5.0 through CF05 allows remote attackers to cause a denial of service (memory consumption) via crafted requests. Remote Document Conversion Service (DCS) en IBM WebSphere Portal 6.1.0 hasta 6.1.0.6 CF27, 6.1.5 hasta 6.1.5.3 CF27, 7.0.0 hasta 7.0.0.2 CF29, 8.0.0 hasta 8.0.0.1 CF16, y 8.5.0 hasta CF05 permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de solicitudes manipuladas. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI37356 http://www-01.ibm.com/support/docview.wss?uid=swg21701566 http://www.securityfocus.com/bid/74216 http://www.securitytracker.com/id/1032189 • CWE-399: Resource Management Errors •