Lucene search
K

141 matches found

Rockylinux
Rockylinux
added 2021/05/18 6:21 a.m.21 views

3.6 bug fix and enhancement update

An update is available for apache-commons-io, atinject, jsr-305, maven-shared-utils, plexus-cipher, aopalliance, plexus-classworlds, guava, apache-commons-cli, plexus-containers, plexus-sec-dispatcher, httpcomponents-client, maven-resolver, apache-commons-lang3, plexus-interpolation, sisu,...

1.8AI score
Exploits0
Amazon
Amazon
added 2020/10/27 12:0 a.m.28 views

Medium: geronimo-jaxrpc

Issue Overview: Liblouis 3.5.0 has a Segmentation fault in loulogPrint in logging.c. CVE-2018-11577 Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c. CVE-2018-11684 Liblouis 3.5.0 has a stack-based Buffer Overflow in the function...

8.8CVSS9.1AI score0.03236EPSS
Exploits1
Openbugbounty
Openbugbounty
added 2020/06/05 11:42 a.m.8 views

apache-geronimo.328035.n3.nabble.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1184944 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

6.1AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/05 12:53 a.m.31 views

Security Bulletin: Multiple Security Vulnerabilities in Apache Geronimo Affect IBM Sterling B2B Integrator

Summary Multiple Security Vulnerabilities in Apache Geronimo Affect IBM Sterling B2B Integrator Vulnerability Details CVEID: CVE-2008-0732 DESCRIPTION: Apache Geronimo could allow a local attacker to obtain sensitive information, caused by the init script following symlinks during a chown...

10CVSS0.5AI score0.81155EPSS
Exploits6Affected Software1
Veracode
Veracode
added 2019/07/08 11:31 a.m.19 views

Authentication Bypass

geronimo is vulnerable to authentication bypass. A remote attacker is able to bypass the login function by attempting to login using a non-existent username...

7.5CVSS6.5AI score0.03145EPSS
Exploits0References8Affected Software1
Veracode
Veracode
added 2019/07/08 11:22 a.m.27 views

Cross-Site Scripting (XSS)

geronimo is vulnerable to cross-site scripting XSS. A remote attacker is able to inject arbitrary Javascript into a victim's browser via the name, ip, username or description parameters in console/portal/Server/Monitoring, and PATHINFO parameter to the default URI under console/portal/...

4.3CVSS5.7AI score0.18003EPSS
Exploits2References8Affected Software2
Veracode
Veracode
added 2019/07/08 9:44 a.m.20 views

Authentication Bypass

geronimo is vulnerable to authentication bypass. A remote attacker is able to bypass authentication to obtain access to Geronimo internals and retrieve confidential information...

5CVSS6.5AI score0.03203EPSS
Exploits0References8Affected Software3
Veracode
Veracode
added 2019/03/25 8:40 a.m.20 views

Directory Traversal

Apache Geronimo web administration console is vulnerable to directory traversal. The vulnerabilty is possible because it does not validate the input to the web administrative console, allowing a remote attacker to upload any file in any directory...

9.4CVSS6.2AI score0.35929EPSS
Exploits1References12Affected Software3
Veracode
Veracode
added 2019/03/25 8:40 a.m.30 views

Cross-Site Request Forgery (CSRF)

Apache Geronimo application server is vulnerable to cross-site request forgery. Attackers can exploit the vulnerability to obtain sensitive information, upload arbitrary files, execute arbitrary script code, steal cookie-based authentication credentials, or perform certain administrative actions...

6.8CVSS6.8AI score0.11059EPSS
Exploits2References8Affected Software2
Veracode
Veracode
added 2019/03/25 8:40 a.m.25 views

Authentication Bypass

Apache Geronimo is vulnerable to authentication bypass. This is caused by improper exception handling for failed logins, which would allow a remote attacker to bypass authentication requirements and deploy arbitrary modules and gain administrative access by submitting a blank username and passwor...

10CVSS7.1AI score0.0419EPSS
Exploits0References5Affected Software1
Veracode
Veracode
added 2018/11/14 2:55 a.m.10 views

Cross-Site Scripting (XSS)

Apache Geronimo is vulnerable to cross-site scripting. A remote attacker is able to inject arbitrary Javascript into log files via the time parameter or any invalid parameters to cal2.jsp. The injected Javascript executes on the victim's browser when the log files are viewed through the...

4.3CVSS6.8AI score0.32247EPSS
Exploits1References14Affected Software12
Veracode
Veracode
added 2016/12/15 5:41 a.m.25 views

Denial Of Service (DoS)

Apache Geronimo is vulnerable to denial of service attacks through resource consumption. This is caused because it computes hash values for form parameters without reliably predicting hash collisions. This allows attackers to cause denial of service attacks by sending multiple parameters designed...

7.8CVSS6AI score0.81155EPSS
Exploits5References19Affected Software3
Tenable Nessus
Tenable Nessus
added 2016/03/03 12:0 a.m.86 views

VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0016) (remote check)

The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in the following components : - Apache Geronimo - Apache Tomcat - Apache Xerces2 - cURL/libcURL - ISC BIND - Libxml2 -...

10CVSS6.4AI score0.9444EPSS
Exploits103References93
RedhatCVE
RedhatCVE
added 2015/10/30 9:26 a.m.25 views

CVE-2007-5797

SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attempt with any username not contained in the database...

7.5CVSS7.6AI score0.03145EPSS
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

Apache Geronimo 2.1.x /console/portal/Server/Monitoring Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site scripting vulnerability - Multiple HTML-injection vulnerabilities - ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Apache Geronimo 1.0 Error Page XSS

No description provided by source. source: http://www.securityfocus.com/bid/16260/info Apache Geronimo is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. A successful exploit could allow an attacker to compromise the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.35 views

Apache Tomcat / Geronimo 1.0 Sample Script cal2.jsp time Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16260/info Apache Geronimo is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. A successful exploit could allow an attacker to compromise the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.35 views

Apache Geronimo <= 2.1.3 - Multiple Directory Traversal Vulnerabilities

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-09-018 Application: Apache Geronimo Application Server Versions Affected: 2.1 - 2.1.3 Vendor URL: http://geronimo.apache.org/ Bug: Directory Traversal File Upload Exploits: YES Reported: 10.12.2008 Vendor...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Apache Geronimo 2.1.x Multiple Admin Function CSRF

No description provided by source. source: http://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site scripting vulnerability - Multiple HTML-injection vulnerabilities - ...

6.7AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Apache Geronimo 2.1.x /console/portal/ URI XSS

No description provided by source. source: http://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site scripting vulnerability - Multiple HTML-injection vulnerabilities - ...

7.1AI score
Exploits0
Rows per page
Query Builder