165 matches found
EUVD-2021-18290
Malware in sbrugna...
EUVD-2012-5336
Malware in sbrugna...
EUVD-2011-3565
Malware in sbrugna...
EUVD-2011-3568
Malware in sbrugna...
EUVD-2021-18291
Malware in sbrugna...
EUVD-2007-1351
Malware in sbrugna...
EUVD-2014-3484
Malware in sbrugna...
EUVD-2014-7703
Malware in sbrugna...
EUVD-2012-2547
Malware in sbrugna...
EUVD-2022-4802
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-5379
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Undertow. When an AJP request is sent that exceeds the max-header-size attribute in ajp-listener, JBoss EAP is marked in an error state by...
RHEL 6 : jbossas-web and jboss-naming (RHSA-2012:1027)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:1027 advisory. JBoss Application Server is the base package for JBoss Enterprise Web Platform, providing the core server components. The Java Naming and...
EAP: wildfly-elytron has a SSRF security issue
A flaw was found in JwtValidator.resolvePublicKey in JBoss EAP, where the validator checks jku and sends a HTTP request. During this process, no whitelisting or other filtering behavior is performed on the destination URL address, which may result in a server-side request forgery SSRF vulnerabili...
SUSE CVE-2006-5750
Directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server jbossas 3.2.4 through 4.0.5 allows remote authenticated users to read or modify arbitrary files, and possibly execute arbitrary code, via unspecified vectors related to the console manager...
SUSE CVE-2012-2312
An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated...
User confusion in IronJacamar
The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-users is enabled in conjunction with a security domain, does not use the credentials supplied in a getConnection function call, which allows remote attackers to obtain access to an arbitrary datasource...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4 security update
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
CVE-2021-31380
A configuration weakness in the JBoss Application Server AppSvr component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to disclose sensitive information in the HTTP response which allows the attacker to obtain sensitive...
CVE-2021-31381
A configuration weakness in the JBoss Application Server AppSvr component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to delete files which may allow the attacker to disrupt the integrity and availability of the system...
CVE-2021-31380
A configuration weakness in the JBoss Application Server AppSvr component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to disclose sensitive information in the HTTP response which allows the attacker to obtain sensitive...