Page 17 of 103 results (0.008 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in WebSphere 5.1.1 (or any earlier cumulative fix) Common Configuration Mode + CommonArchive and J2EE Models might allow attackers to obtain sensitive information via the trace. • http://archives.neohapsis.com/archives/bugtraq/2006-05/0175.html http://secunia.com/advisories/20032 http://securityreason.com/securityalert/910 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006879 http://www.vupen.com/english/advisories/2006/1736 http://www.vupen.com/english/advisories/2006/2552 •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

WebSphere Application Server 5.0.2 (or any earlier cumulative fix) stores admin and LDAP passwords in plaintext in the FFDC logs when a login to WebSphere fails, which allows attackers to gain privileges. • http://archives.neohapsis.com/archives/bugtraq/2006-05/0175.html http://secunia.com/advisories/20032 http://securityreason.com/securityalert/910 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006881 http://www-1.ibm.com/support/search.wss?rs=0&q=PK17589&apar=only http://www.vupen.com/english/advisories/2006/1736 •

CVSS: 5.0EPSS: 2%CPEs: 3EXPL: 0

IBM WebSphere Application Server 4.0.1 through 4.0.3 allows remote attackers to cause a denial of service (application crash) via an HTTP request with a large header. • http://securitytracker.com/id?1015857 http://www-1.ibm.com/support/docview.wss?uid=swg21053738 http://www.vupen.com/english/advisories/2006/1214 https://exchange.xforce.ibmcloud.com/vulnerabilities/25619 •

CVSS: 6.4EPSS: 0%CPEs: 25EXPL: 0

Unspecified vulnerability in IBM WebSphere 5.0.2.10 through 5.0.2.15 and 5.1.1.4 through 5.1.1.9 allows remote attackers to obtain sensitive information via unknown attack vectors, which causes JSP source code to be revealed. • http://securitytracker.com/id?1015716 http://www-1.ibm.com/support/docview.wss?uid=swg21231377 http://www.securityfocus.com/bid/16908 http://www.vupen.com/english/advisories/2006/0788 •

CVSS: 5.0EPSS: 1%CPEs: 13EXPL: 0

IBM WebSphere Application Server (WAS) 5.0.2.5 through 5.1.1.3 allows remote attackers to obtain JSP source code and other sensitive information, related to incorrect request processing by the web container. • http://secunia.com/advisories/24478 http://www-1.ibm.com/support/docview.wss?uid=swg21243541 http://www-1.ibm.com/support/docview.wss?uid=swg24008814 http://www-1.ibm.com/support/docview.wss?uid=swg24013840 http://www.securityfocus.com/bid/22991 http://www.vupen.com/english/advisories/2007/0970 •