Lucene search
K

304 matches found

Tenable Nessus
Tenable Nessus
added 2018/12/11 12:0 a.m.1112 views

Oracle GlassFish Server 3.1.2.x < 3.1.2.19 (October 2018 CPU)

According to its self-reported version, the Oracle GlassFish Server running on the remote host is 3.1.2.x prior to 3.1.2.19. Is is, therefore, affected by multiple vulnerabilities: - A vulnerability could allow an Attacker with unauthenticated network access to compromise Oracle GlassFish Server....

8.3CVSS6.8AI score0.02025EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/11/29 12:0 a.m.95 views

FreeBSD : payara -- Multiple vulnerabilities (d70c9e18-f340-11e8-be46-0019dbb15b3f)

Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution. Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability...

9.8CVSS6.7AI score0.34731EPSS
Exploits0References8
OSV
OSV
added 2018/10/17 1:31 a.m.4 views

CVE-2018-3152

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

7.5CVSS7.3AI score0.02025EPSS
Exploits0References2
NVD
NVD
added 2018/10/17 1:31 a.m.22 views

CVE-2018-3152

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

7.5CVSS7AI score0.02025EPSS
Exploits0References2
OSV
OSV
added 2018/10/17 1:31 a.m.2 views

CVE-2018-2911

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

8.3CVSS7.3AI score
Exploits0References2
NVD
NVD
added 2018/10/17 1:31 a.m.34 views

CVE-2018-2911

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

8.3CVSS7.8AI score0.01902EPSS
Exploits0References2
Prion
Prion
added 2018/10/17 1:31 a.m.28 views

Buffer overflow

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

5CVSS7.1AI score0.02025EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/10/17 1:31 a.m.21 views

Buffer overflow

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

5CVSS4.4AI score0.01657EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/10/17 1:0 a.m.78 views

CVE-2018-3152

CVE-2018-3152 affects Oracle GlassFish Server 3.1.2 in the Administration component. The vulnerability allows an unauthenticated attacker with network access via HTTP to cause a hang or complete denial-of-service of the GlassFish server. Documented impact is an availability loss (CVSSv3 base 7.5)...

7.5CVSS7AI score0.02025EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/10/17 1:0 a.m.24 views

CVE-2018-3210

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

4.6AI score0.01657EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/10/17 1:0 a.m.40 views

CVE-2018-2911

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

7.8AI score0.01902EPSS
Exploits0References2
CNVD
CNVD
added 2018/10/17 12:0 a.m.4 views

Unspecified Vulnerability in Oracle GlassFish Server (CNVD-2019-38557)

Oracle Fusion Middleware is a digital business platform for enterprise and cloud computing, and Oracle GlassFish Server is an implementation of the Java Platform Enterprise Edition Java EE 6 specification that provides a flexible, lightweight, production-ready Java EE 6 application server. An...

7.5CVSS8.1AI score0.02025EPSS
Exploits0References1
CNVD
CNVD
added 2018/10/17 12:0 a.m.10 views

Unspecified Vulnerability in Oracle GlassFish Server (CNVD-2018-24379)

Oracle Fusion Middleware Oracle Fusion Middleware is Oracle's Oracle set of business innovation platform for enterprise and cloud environments, which provides middleware, software collections, etc. GlassFish Server is one of the application server components. A security vulnerability exists in th...

8.3CVSS8.1AI score0.01902EPSS
Exploits0References1
CNVD
CNVD
added 2018/10/17 12:0 a.m.7 views

Unspecified Vulnerability in Oracle GlassFish Server (CNVD-2019-38558)

Oracle Fusion Middleware is a digital business platform for enterprise and cloud computing, and Oracle GlassFish Server is an implementation of the Java Platform Enterprise Edition Java EE 6 specification that provides a flexible, lightweight, production-ready Java EE 6 application server. An...

5.3CVSS7.9AI score0.01657EPSS
Exploits0References1
0day.today
0day.today
added 2018/08/14 12:0 a.m.73 views

Oracle GlassFish Server Open Source Edition 4.1 - Path Traversal Exploit

Exploit for windows platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Path Traversal in Oracle GlassFish Server Open Source Edition', 'Description' = %q This...

4CVSS7.8AI score0.99479EPSS
Exploits9
Exploit DB
Exploit DB
added 2018/08/14 12:0 a.m.82 views

Oracle Glassfish OSE 4.1 - Path Traversal (Metasploit)

Exploit title: Oracle Glassfish OSE 4.1 - Path Traversal Metasploit Author: Dhiraj Mishra Date: 2018-08-14 Software: Oracle Glassfish Server OSE Version: 4.1 Software link: http://download.oracle.com/glassfish/4.1/release/glassfish-4.1.zip CVE: 2017-1000028 This module requires Metasploit:...

7.5CVSS7.4AI score0.99479EPSS
Exploits7
Metasploit
Metasploit
added 2018/07/31 12:29 p.m.88 views

Path Traversal in Oracle GlassFish Server Open Source Edition

This module exploits an unauthenticated directory traversal vulnerability which exists in administration console of Oracle GlassFish Server 4.1, which is listening by default on port 4848/TCP. This module requires Metasploit: https://metasploit.com/download Current source:...

7.5CVSS7.1AI score0.99479EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2018/06/19 12:0 a.m.959 views

Oracle GlassFish Server URL normalization Denial of Service

The instance of Oracle GlassFish Server running on the remote host is affected by an authenticated and unauthenticated denial of service vulnerability. The vulnerability is a result of an infinite loop in the normalize method in com.sun.jsftemplating.util.fileStreamer.ResourceContentSource. A...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/05/30 12:0 a.m.389 views

Oracle GlassFish Server Path Traversal

The instance of Oracle GlassFish Server running on the remote host is affected by an authenticated and unauthenticated path traversal vulnerability. Remote attacker can exploit this issue, via a specially crafted HTTP request, to access arbitrary files on the remote host. C Tenable Network...

7.5CVSS7.8AI score0.99479EPSS
Exploits7References2
NVD
NVD
added 2017/10/19 5:29 p.m.20 views

CVE-2017-10400

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration Graphical User Interface. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

5.8CVSS4.5AI score0.01212EPSS
Exploits0References3
Rows per page
Query Builder