Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-4189

Malware in sbrugna...

2.1CVSS6.4AI score0.00338EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-0310

Malware in sbrugna...

9CVSS6.4AI score0.02196EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2012-0100

Malware in sbrugna...

5.8CVSS6.4AI score0.0112EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-4499

Malware in sbrugna...

3.5CVSS6.4AI score0.00807EPSS
Exploits1References4
Cvelist
Cvelist
added 2020/01/23 6:10 p.m.28 views

CVE-2012-5626

EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation...

7.6AI score0.00909EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/10/16 5:5 p.m.164 views

Important: Red Hat Security Advisory: Red Hat JBoss Operations Network 3.3.11 security and bug fix update

An update is now available for Red Hat JBoss Operations Network. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

9.8CVSS8AI score0.49727EPSS
Exploits4References20
Prion
Prion
added 2016/09/27 3:59 p.m.25 views

Deserialization of untrusted data

The server in Red Hat JBoss Operations Network JON, when SSL authentication is not configured for JON server / agent communication, allows remote attackers to execute arbitrary code via a crafted HTTP request, related to message deserialization. NOTE: this vulnerability exists because of an...

9CVSS8.2AI score0.10625EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2016/09/07 7:28 p.m.33 views

CVE-2016-5422

The web console in Red Hat JBoss Operations Network JON before 3.3.7 does not properly authorize requests to add users with the super user role, which allows remote authenticated users to gain admin privileges via a crafted POST request...

8.8CVSS8.4AI score0.02139EPSS
Exploits0References2
Prion
Prion
added 2016/09/07 7:28 p.m.21 views

Design/Logic Flaw

The web console in Red Hat JBoss Operations Network JON before 3.3.7 does not properly authorize requests to add users with the super user role, which allows remote authenticated users to gain admin privileges via a crafted POST request...

6.5CVSS6.9AI score0.02139EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2016/08/24 12:0 a.m.4 views

Red Hat JBoss Operations Network Remote Code Execution Vulnerability (CNVD-2016-06652)

Red Hat JBoss Operations Network JON is the United States Red Hat Red Hat a J2EE-based open source application server, it can deploy, manage, monitor JBoss enterprise middleware, applications and services. A remote code execution vulnerability exists in Red Hat JON. An attacker could exploit this...

9.8CVSS8.4AI score0.10625EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2016/08/22 1:18 a.m.29 views

CVE-2016-6330

The server in Red Hat JBoss Operations Network JON, when SSL authentication is not configured for JON server / agent communication, allows remote attackers to execute arbitrary code via a crafted HTTP request, related to message deserialization. NOTE: this vulnerability exists because of an...

9.8CVSS9.5AI score0.10625EPSS
Exploits0References1
Prion
Prion
added 2016/08/02 2:59 p.m.21 views

Deserialization of untrusted data

The server in Red Hat JBoss Operations Network JON before 3.3.6 allows remote attackers to execute arbitrary code via a crafted HTTP request, related to message deserialization...

9CVSS9.5AI score0.06706EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/06/06 12:0 a.m.37 views

Red Hat JBoss Operations Network Java Object Deserialization RCE

The remote Red Hat JBoss Operations Network server is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Jython library. An unauthenticated, remote attacker can exploit this, by sending specially crafted Java objects to the HTT...

9.8CVSS8.9AI score0.06706EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2015/12/04 5:12 p.m.39 views

Critical: Red Hat Security Advisory: Red Hat JBoss Operations Network 3.2.3 security update

An update for Red Hat JBoss Operations Network 3.2.3 that fixes one security issue in the Apache commons-collections library is now available. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

10CVSS6.7AI score0.83274EPSS
Exploits8References4
Cvelist
Cvelist
added 2015/08/11 2:0 p.m.26 views

CVE-2015-3267

Cross-site scripting XSS vulnerability in the 404 error page in Red Hat JBoss Operations Network before 3.3.3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

5.6AI score0.0121EPSS
Exploits0References3
NVD
NVD
added 2014/02/14 3:55 p.m.21 views

CVE-2012-0052

Red Hat JBoss Operations Network JON before 2.4.2 and 3.0.x before 3.0.1 does not check the JON agent key, which allows remote attackers to spoof the identity of arbitrary agents via the registered agent name...

5.8CVSS6.8AI score0.01182EPSS
Exploits1References3
NVD
NVD
added 2014/02/14 3:55 p.m.21 views

CVE-2012-0062

Red Hat JBoss Operations Network JON before 2.4.2 and 3.0.x before 3.0.1 allows remote attackers to hijack agent sessions via an agent registration request without a security token...

5.8CVSS6.7AI score0.0112EPSS
Exploits1References3
Cvelist
Cvelist
added 2014/02/14 3:0 p.m.26 views

CVE-2012-0052

Red Hat JBoss Operations Network JON before 2.4.2 and 3.0.x before 3.0.1 does not check the JON agent key, which allows remote attackers to spoof the identity of arbitrary agents via the registered agent name...

6.8AI score0.01182EPSS
Exploits1References3
Prion
Prion
added 2013/12/24 7:55 p.m.17 views

Authentication flaw

Red Hat JBoss Operations Network 3.1.2 uses world-readable permissions for the 1 server and 2 agent configuration files, which allows local users to obtain authentication credentials and other unspecified sensitive information by reading these files...

2.1CVSS6.7AI score0.00364EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2013/10/24 3:48 a.m.24 views

CVE-2013-4293

The server in Red Hat JBoss Operations Network JON 3.1.2 logs passwords in plaintext, which allows local users to obtain sensitive information by reading the log files...

2.1CVSS5.8AI score0.00338EPSS
Exploits0References2
Rows per page
Query Builder