39 matches found
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.11 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
EUVD-2011-2881
Malware in sbrugna...
EUVD-2011-4529
Malware in sbrugna...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHSA-2013:0195 Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 update
Bulletin has no description...
EAP: field-name is not parsed in accordance to RFC7230
A flaw was discovered in JBoss EAP, where it does not process the header field-name in accordance with RFC7230. Whitespace between the header field-name and colon is processed, resulting in an HTTP response code of 200 instead of a bad request of 400...
Red Hat JBoss Enterprise Application Platform security vulnerability
Red Hat JBoss Enterprise Application Platform (EAP) is an open source, J2EE-based middleware platform from the US company Red Hat. The platform is mainly used to build, deploy and host Java applications and services. A security vulnerability exists in Red Hat JBoss Enterprise...
The vulnerability of the GET and POST methods of the JBoss Enterprise Application Platform allows attackers to obtain confidential information.
The vulnerability of the GET and POST methods of the JBoss Enterprise Application Platform is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information through a specially crafted request...
Vulnerabilities fixed in Red Hat JBoss Enterprise Application Platform
Vulnerabilities have been fixed in Red Hat JBoss Enterprise Application Platform. The vulnerabilities allow a remote attacker to cause a denial of service or execute arbitrary code. Red Hat has released updates to fix the vulnerabilities. More information can be foun...
Vulnerability fixed in Red Hat JBoss Enterprise Application Platform
A vulnerability has been fixed in Red Hat JBoss Enterprise Application Platform. A remote attacker could potentially exploit it to cause a denial of service. Red Hat has released updates to fix the vulnerability. More information can be found on the page below:...
The vulnerability of the Picketlink component of the JBoss Enterprise Application Platform allows a perpetrator to execute cross-site scripting attacks.
The vulnerability of the Picketlink component in the JBoss Enterprise Application Platform exists due to the lack of measures taken to protect the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the JBoss Enterprise Application Platform exists due to the lack of measures taken to protect the website structure. This allows attackers to perform cross-site scripting attacks and disclose the protected information.
The vulnerability of the JBoss Enterprise Application Platform exists due to the lack of measures taken to protect the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks and disclose sensitive information by using a SAMLRequest...
The vulnerability of the JBoss platform, related to inconsistent interpretation of HTTP requests, allows attackers to compromise the integrity of data.
The vulnerability of the JBoss platform is related to inconsistent interpretation of HTTP requests. Exploiting this vulnerability can allow a remote attacker to compromise data integrity...
K8tools
It is an offensive tool for web application exploitation. The repository, K8tools, contains a collection of tools for various purposes, including internal penetration, privilege escalation, remote overflow, vulnerability exploitation, scanning, password cracking, and anti-kill tools. The primary...
The vulnerability of the Codehaus development environment of the JBoss Enterprise Application Platform allows a perpetrator to execute arbitrary code.
The vulnerability of the Codehaus development environment on the JBoss Enterprise Application Platform is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CVE-2019-3872
It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in JBoss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks...
picketlink: reflected XSS in SAMLRequest via RelayState parameter
It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in JBoss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.0 security update
Updated packages that provide Red Hat JBoss Enterprise Application Platform 7.2.0, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scorin...