Lucene search
K

19 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/07/21 11:52 a.m.49 views

Security Bulletin: IBM Sterling Global Mailbox is vulnerable to arbitrary command execution due to com.ibm.ws.org.apache.commons.collections (CVE-2015-7501)

Summary A security vulnerability has been identified and addressed in com.ibm.ws.org.apache.commons.collections.3.2.1-1.0.9.jar shipped with IBM Sterling Global Mailbox. Vulnerability Details CVEID:CVE-2015-7501 DESCRIPTION: Red Hat JBoss A-MQ 6.x; BPM Suite BPMS 6.x; BRMS 6.x and 5.x; Data Grid...

10CVSS7.9AI score0.83274EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/31 10:52 p.m.38 views

Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - activemq-camel-5.15.9.jar (CVE-2015-5182, CVE-2015-5183, CVE-2015-5184, CVE-2020-1941)

Summary activemq-camel-5.15.9.jar vulnerable to multiple CVEs. Details below. Vulnerability Details CVEID: CVE-2015-5182 DESCRIPTION: Red Hat JBoss A-MQ is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input by the jolokia API. By persuading an...

8.8CVSS0.5AI score0.06208EPSS
Exploits0Affected Software1
Prion
Prion
added 2018/08/01 2:29 p.m.20 views

Deserialization of untrusted data

It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, deserializes objects passed to MBeans via JMX operations. An attacker could use this flaw to execute remote code on the server as the user running the Java Virtual Machine if the target MBean contain...

6.5CVSS7.8AI score0.02004EPSS
Exploits0References2Affected Software2
NVD
NVD
added 2018/08/01 2:29 p.m.27 views

CVE-2016-8648

It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, deserializes objects passed to MBeans via JMX operations. An attacker could use this flaw to execute remote code on the server as the user running the Java Virtual Machine if the target MBean contain...

7.2CVSS7.3AI score0.02004EPSS
Exploits0References2
CVE
CVE
added 2018/08/01 2:0 p.m.74 views

CVE-2016-8648

CVE-2016-8648 affects the Karaf container used by Red Hat JBoss Fuse 6.x and Red Hat JBoss A-MQ 6.x. The vulnerability arises from deserializing objects passed to MBeans via JMX operations, which could allow an attacker to execute remote code in the context of the JVM if deserialization gadgets e...

7.2CVSS7.3AI score0.02004EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2018/08/01 2:0 p.m.28 views

CVE-2016-8648

It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, deserializes objects passed to MBeans via JMX operations. An attacker could use this flaw to execute remote code on the server as the user running the Java Virtual Machine if the target MBean contain...

7.2CVSS7.4AI score0.02004EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/05/03 7:4 p.m.117 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R7 security and bug fix update

An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.8CVSS6.7AI score0.10248EPSS
Exploits3References9
RedHat Linux
RedHat Linux
added 2017/08/10 11:3 p.m.121 views

Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R4 security and bug fix update

An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

9.8CVSS7.1AI score0.11167EPSS
Exploits1References15
RedHat Linux
RedHat Linux
added 2017/04/03 9:2 p.m.90 views

Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R2 security and bug fix update

An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

9.8CVSS7.6AI score0.99906EPSS
Exploits21References12
CNVD
CNVD
added 2016/12/02 12:0 a.m.5 views

RedHat Jboss Fuse and Jboss A-MQ Denial of Service Vulnerabilities

Red Hat JBoss Fuse and JBoss A-MQ are both products of Red Hat's JBoss middleware.JBoss Fuse is an open source enterprise service bus platform.JBoss A-MQ is an open source messaging platform. A denial of service vulnerability exists in RedHat Jboss Fuse and Jboss A-MQ version 6. An attacker could...

5.3CVSS6.7AI score0.01933EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/07/13 7:44 p.m.77 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.2.1 security and bug fix update

Red Hat JBoss Fuse and A-MQ 6.2.1 Rollup Patch 3, which fixes two security issues and includes several bug fixes and various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common...

6.1CVSS6.3AI score0.08323EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2015/12/07 8:46 p.m.49 views

Important: Red Hat Security Advisory: Red Hat JBoss Fuse 6.2.1 update

Red Hat JBoss Fuse 6.2.1, which fixes three security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores,...

10CVSS6.8AI score0.83274EPSS
Exploits12References8
RedHat Linux
RedHat Linux
added 2015/12/07 8:46 p.m.55 views

Important: Red Hat Security Advisory: Red Hat JBoss A-MQ 6.2.1 update

Red Hat JBoss A-MQ 6.2.1, which fixes three security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores,...

10CVSS6.9AI score0.83274EPSS
Exploits12References8
RedHat Linux
RedHat Linux
added 2015/06/23 4:52 p.m.51 views

Important: Red Hat Security Advisory: Red Hat JBoss A-MQ 6.2.0 update

Red Hat JBoss A-MQ 6.2.0, which fixes multiple security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores,...

7.5CVSS6.7AI score0.09149EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2015/02/05 9:30 p.m.35 views

Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.1.0 security and bug fix update

Red Hat JBoss Fuse and A-MQ 6.1.0 Patch 3 on Rollup Patch 1 R1P3, which fixes two security issues and one bug, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base score...

9.8CVSS6.8AI score0.09851EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2014/04/14 1:46 p.m.48 views

Moderate: Red Hat Security Advisory: Red Hat JBoss A-MQ 6.1.0 update

Red Hat JBoss A-MQ 6.1.0, which fixes multiple security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS bas...

7.5CVSS6.6AI score0.91354EPSS
Exploits10References12
Prion
Prion
added 2013/09/30 9:55 p.m.23 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Fuse Management Console in Red Hat JBoss Fuse 6.0.0 before patch 3 and JBoss A-MQ 6.0.0 before patch 3 allow remote attackers to inject arbitrary web script or HTML via the 1 user field in the create user page or 2 profile version to the create...

4.3CVSS6AI score0.02164EPSS
Exploits1References7Affected Software2
Cvelist
Cvelist
added 2013/09/30 7:0 p.m.27 views

CVE-2013-4372

Multiple cross-site scripting XSS vulnerabilities in Fuse Management Console in Red Hat JBoss Fuse 6.0.0 before patch 3 and JBoss A-MQ 6.0.0 before patch 3 allow remote attackers to inject arbitrary web script or HTML via the 1 user field in the create user page or 2 profile version to the create...

5.8AI score0.02164EPSS
Exploits1References7
CVE
CVE
added 2013/09/30 7:0 p.m.67 views

CVE-2013-4372

CVE-2013-4372: Stored XSS in the Fuse Management Console of Red Hat JBoss Fuse 6.0.0 before patch 3 and JBoss A-MQ 6.0.0 before patch 3, exploitable via the user field on the create user page or the profile version on the create profile page. This can allow remote attackers to inject arbitrary we...

4.3CVSS5.9AI score0.02164EPSS
Exploits1References7Affected Software2
Rows per page
Query Builder