Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Websphere_mq
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 89 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-07-10 | CVE-2017-1337 | IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly transmit user credentials in plain text. IBM X-Force ID: 126245. | Websphere_mq | 8.1 | ||
| 2017-11-27 | CVE-2017-1283 | IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a shared memory leak by MQ applications using dynamic queues, which can lead to lack of resources for other MQ applications. IBM X-Force ID: 125144. | Websphere_mq | 4.3 | ||
| 2017-09-25 | CVE-2017-1235 | IBM WebSphere MQ 8.0 could allow an authenticated user to cause a premature termination of a client application thread which could potentially cause denial of service. IBM X-Force ID: 123914. | Websphere_mq | 6.5 | ||
| 2017-03-20 | CVE-2017-1145 | IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. IBM Reference #: 1999672. | Websphere_mq | 8.6 | ||
| 2017-06-21 | CVE-2017-1117 | IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a denial of service to the MQXR channel when trace is enabled. IBM X-Force ID: 121155. | Websphere_mq | 5.3 | ||
| 2018-02-07 | CVE-2018-1388 | GSKit V7 may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding. IBM X-Force ID: 138212. | Websphere_mq | 7.5 | ||
| 2018-04-17 | CVE-2018-1371 | An IBM WebSphere MQ 8.0.0.8, 9.0.0.2, and 9.0.4 Client connecting to a MQ Queue Manager can cause a SIGSEGV in the AMQRMPPA channel process terminating it. IBM X-Force ID: 137771. | Websphere_mq | 6.5 | ||
| 2017-07-12 | CVE-2017-1285 | IBM WebSphere MQ 9.0.1 and 9.0.2 could allow an authenticated user with authority to send a specially crafted message that would cause a channel to remain in a running state but not process messages. IBM X-Force ID: 125146. | Websphere_mq | 6.5 | ||
| 2017-07-10 | CVE-2017-1284 | IBM WebSphere MQ 9.0.1 and 9.0.2 could allow a local user with ability to run or enable trace, to obtain sensitive information from WebSphere Application Server traces including user credentials. IBM X-Force ID: 125145. | Websphere_mq | 4.7 | ||
| 2017-07-06 | CVE-2017-1236 | IBM WebSphere MQ 9.0.2 could allow an authenticated user to potentially cause a denial of service by saving an incorrect channel status inquiry. IBM X-Force ID: 124354 | Websphere_mq | 6.5 |