| Max CVSS | 9.3 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-0250 | 6.4 |
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file. <a href="http://cwe.mitre
|
04-11-2017 - 01:29 | 24-03-2015 - 17:59 | |
| CVE-2015-1932 | 5.0 |
IBM WebSphere Application Server 7.x before 7.0.0.39, 8.0.x before 8.0.0.11, and 8.5.x before 8.5.5.7 and WebSphere Virtual Enterprise before 7.0.0.7 allow remote attackers to obtain potentially sensitive information about the proxy-server software b
|
20-09-2017 - 01:29 | 22-08-2015 - 23:59 | |
| CVE-2014-8890 | 5.1 |
IBM WebSphere Application Server Liberty Profile 8.5.x before 8.5.5.4 allows remote attackers to gain privileges by leveraging the combination of a servlet's deployment descriptor security constraints and ServletSecurity annotations.
|
08-09-2017 - 01:29 | 18-12-2014 - 16:59 | |
| CVE-2015-4938 | 5.0 |
IBM WebSphere Application Server 7.x before 7.0.0.39, 8.0.x before 8.0.0.11, and 8.5.x before 8.5.5.7 allows remote attackers to spoof servlets and obtain sensitive information via unspecified vectors.
|
24-12-2016 - 02:59 | 22-08-2015 - 23:59 | |
| CVE-2015-1927 | 6.8 |
The default configuration of IBM WebSphere Application Server (WAS) 7.0.0 before 7.0.0.39, 8.0.0 before 8.0.0.11, and 8.5 before 8.5.5.6 has a false value for the com.ibm.ws.webcontainer.disallowServeServletsByClassname WebContainer property, which a
|
22-12-2016 - 02:59 | 14-07-2015 - 17:59 | |
| CVE-2015-1885 | 9.3 |
WebSphereOauth20SP.ear in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.39, 8.0 before 8.0.0.11, 8.5 Liberty Profile before 8.5.5.5, and 8.5 Full Profile before 8.5.5.6, when the OAuth grant type requires sending a password, allows remote a
|
22-12-2016 - 02:59 | 27-04-2015 - 12:59 |