Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Http Server  >> 8.5.0.0  Security Vulnerabilities
CVE-2026-8854
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache.
CVSS Score
7.5
EPSS Score
0.004
Published
2026-05-26
CVE-2026-8855
IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authentication).
CVSS Score
8.1
EPSS Score
0.005
Published
2026-05-26
CVE-2026-8856
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration.
CVSS Score
7.7
EPSS Score
0.002
Published
2026-05-26
CVE-2026-9170
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service and a potential remote code execution due to improper input validation.
CVSS Score
9.8
EPSS Score
0.005
Published
2026-05-26
CVE-2026-8834
IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service.
CVSS Score
8.0
EPSS Score
0.003
Published
2026-05-26
CVE-2026-8835
IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service.
CVSS Score
7.3
EPSS Score
0.003
Published
2026-05-26
CVE-2026-8850
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_ibm_upload.
CVSS Score
7.5
EPSS Score
0.004
Published
2026-05-26
CVE-2026-8852
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_fastcgi module.
CVSS Score
6.2
EPSS Score
0.002
Published
2026-05-26
CVE-2023-32342
IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 255828.
CVSS Score
7.5
EPSS Score
0.009
Published
2023-05-30
CVE-2023-26281
IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296.
CVSS Score
5.9
EPSS Score
0.011
Published
2023-03-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved