Lucene search
K

303 matches found

Prion
Prion
added 2021/06/25 4:15 p.m.20 views

Code injection

UNSUPPORTED WHEN ASSIGNED Oracle GlassFish Server 3.1.2.18 and below allows /common/logViewer/logViewer.jsf XSS. A malicious user can cause an administrator user to supply dangerous content to the vulnerable page, which is then reflected back to the user and executed by the web browser. The most...

4.3CVSS6AI score0.00926EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/06/25 3:16 p.m.28 views

CVE-2021-3314

Oracle GlassFish Server 3.1.2.18 and below allows /common/logViewer/logViewer.jsf XSS. A malicious user can cause an administrator user to supply dangerous content to the vulnerable page, which is then reflected back to the user and executed by the web browser. The most common mechanism for...

6.2AI score0.00926EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2021/06/25 12:0 a.m.5 views

PT-2021-20055 · Oracle · Oracle Glassfish Server

Name of the Vulnerable Software and Affected Versions: Oracle GlassFish Server versions 3.1.2.18 and below Description: The issue allows a malicious user to cause an administrator user to supply dangerous content to the vulnerable page, which is then reflected back to the user and executed by the...

6.1CVSS6.4AI score0.00926EPSS
Exploits1References8
CNNVD
CNNVD
added 2021/06/25 12:0 a.m.4 views

Oracle GlassFish Server 跨站脚本漏洞

Oracle GlassFish Server is an application from Oracle Corporation.Oracle GlassFish Server is built using the GlassFish Server Open Source Edition to provide a flexible, lightweight, and production-ready Java EE 6 application server. Oracle GlassFish Server suffers from a cross-site scripting...

6.1CVSS5.9AI score0.00926EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2019/09/05 12:0 a.m.52 views

Oracle GlassFish Server < 3.0.1.22 Multiple Vulnerabilities

According to its self-reported version number, the Oracle GlassFish Server running on the remote host is prior to 3.0.1.22. It is, therefore, affected by multiple vulnerabilities: - A local file inclusion vulnerability exists in Oracle GlassFish Server due to an insufficent level of user input...

9.8CVSS8AI score0.08348EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2019/04/04 12:0 a.m.8 views

Oracle Glassfish Installed (Windows)

Binary data oracleglassfishlocalwininstalled.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/04/04 12:0 a.m.13 views

Oracle Glassfish Installed (Linux/UNIX)

Binary data oracleglassfishlocalnixinstalled.nbin...

7.3AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/01/23 12:0 a.m.7 views

The vulnerability of the Java Server Faces component of the Oracle GlassFish Server software platform allows attackers to modify sensitive information or cause service failures.

The vulnerability of the Java Server Faces component of the Oracle GlassFish Server software platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to modify protected information or cause service failures...

9.7CVSS7.5AI score0.01902EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/12/11 12:0 a.m.1112 views

Oracle GlassFish Server 3.1.2.x < 3.1.2.19 (October 2018 CPU)

According to its self-reported version, the Oracle GlassFish Server running on the remote host is 3.1.2.x prior to 3.1.2.19. Is is, therefore, affected by multiple vulnerabilities: - A vulnerability could allow an Attacker with unauthenticated network access to compromise Oracle GlassFish Server....

8.3CVSS6.8AI score0.02025EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/11/29 12:0 a.m.95 views

FreeBSD : payara -- Multiple vulnerabilities (d70c9e18-f340-11e8-be46-0019dbb15b3f)

Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution. Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability...

9.8CVSS6.7AI score0.34731EPSS
Exploits0References8
OSV
OSV
added 2018/10/17 1:31 a.m.4 views

CVE-2018-3152

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

7.5CVSS7.3AI score0.02025EPSS
Exploits0References2
NVD
NVD
added 2018/10/17 1:31 a.m.22 views

CVE-2018-3152

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

7.5CVSS7AI score0.02025EPSS
Exploits0References2
NVD
NVD
added 2018/10/17 1:31 a.m.34 views

CVE-2018-2911

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

8.3CVSS7.8AI score0.01902EPSS
Exploits0References2
Prion
Prion
added 2018/10/17 1:31 a.m.28 views

Buffer overflow

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

5CVSS7.1AI score0.02025EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/10/17 1:31 a.m.21 views

Buffer overflow

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

5CVSS4.4AI score0.01657EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/10/17 1:0 a.m.24 views

CVE-2018-3210

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

4.6AI score0.01657EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/10/17 1:0 a.m.25 views

CVE-2018-3152

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

7.1AI score0.02025EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/10/17 1:0 a.m.40 views

CVE-2018-2911

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

7.8AI score0.01902EPSS
Exploits0References2
CNVD
CNVD
added 2018/10/17 12:0 a.m.4 views

Unspecified Vulnerability in Oracle GlassFish Server (CNVD-2019-38557)

Oracle Fusion Middleware is a digital business platform for enterprise and cloud computing, and Oracle GlassFish Server is an implementation of the Java Platform Enterprise Edition Java EE 6 specification that provides a flexible, lightweight, production-ready Java EE 6 application server. An...

7.5CVSS8.1AI score0.02025EPSS
Exploits0References1
CNVD
CNVD
added 2018/10/17 12:0 a.m.4 views

Unspecified Vulnerability in Oracle GlassFish Server (CNVD-2019-38558)

Oracle Fusion Middleware is a digital business platform for enterprise and cloud computing, and Oracle GlassFish Server is an implementation of the Java Platform Enterprise Edition Java EE 6 specification that provides a flexible, lightweight, production-ready Java EE 6 application server. An...

5.3CVSS7.9AI score0.01657EPSS
Exploits0References1
Rows per page
Query Builder