Lucene search
K

57 matches found

Chainguard
Chainguard
added yesterday3 views

GHSA-V853-W46P-FV2H vulnerabilities

Vulnerabilities for packages: apache-tomee...

6.1AI score
Exploits0
Chainguard
Chainguard
added yesterday4 views

CVE-2026-45505 vulnerabilities

Vulnerabilities for packages: apache-tomee...

8.8CVSS6.1AI score0.00577EPSS
Exploits0
Chainguard
Chainguard
added yesterday5 views

CVE-2026-42588 vulnerabilities

Vulnerabilities for packages: apache-tomee...

8.1CVSS6.1AI score0.00546EPSS
Exploits2
Chainguard
Chainguard
added yesterday4 views

GHSA-HG6C-8MVR-JQC9 vulnerabilities

Vulnerabilities for packages: apache-tomee...

6.1AI score
Exploits0
Chainguard
Chainguard
added yesterday4 views

GHSA-HF52-78X8-6W3W vulnerabilities

Vulnerabilities for packages: apache-tomee...

6.1AI score
Exploits0
Chainguard
Chainguard
added yesterday5 views

CVE-2026-49270 vulnerabilities

Vulnerabilities for packages: apache-tomee...

5.9CVSS6.1AI score0.00328EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-0794

Malware in sbrugna...

9.8CVSS9.3AI score0.0987EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-1105

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.03654EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-0901

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.04115EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3769

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.02003EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 4:18 p.m.7 views

CVE-2020-13931

If Apache TomEE 8.0.0-M1 - 8.0.3, 7.1.0 - 7.1.3, 7.0.0-M1 - 7.0.8, 1.0.0 - 1.7.5 is configured to use the embedded ActiveMQ broker, and the broker config is misconfigured, a JMX port is opened on TCP port 1099, which does not include authentication. CVE-2020-11969 previously addressed the creatio...

9.8CVSS6.8AI score0.04115EPSS
Exploits0
OSV
OSV
added 2022/05/14 1:30 a.m.2 views

GHSA-FG44-W3FR-HGXV Apache TomEE console vulnerable to Cross-site Scripting

The Apache TomEE console tomee-webapp has a XSS vulnerability which could allow javascript to be executed if the user is given a malicious URL. This web application is typically used to add TomEE features to a Tomcat installation. The TomEE bundles do not ship with this application included. This...

6.1CVSS5.9AI score0.02003EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/14 1:30 a.m.29 views

Apache TomEE console vulnerable to Cross-site Scripting

The Apache TomEE console tomee-webapp has a XSS vulnerability which could allow javascript to be executed if the user is given a malicious URL. This web application is typically used to add TomEE features to a Tomcat installation. The TomEE bundles do not ship with this application included. This...

6.1CVSS1.1AI score0.02003EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/02/10 11:7 p.m.20 views

GHSA-836G-5FR5-FGCR Missing Authentication for Critical Function in Apache TomEE

If Apache TomEE is configured to use the embedded ActiveMQ broker, and the broker URI includes the useJMX=true parameter, a JMX port is opened on TCP port 1099, which does not include authentication. This affects Apache TomEE 8.0.0-M1 - 8.0.1, Apache TomEE 7.1.0 - 7.1.2, Apache TomEE 7.0.0-M1 -...

9.8CVSS9.3AI score0.04115EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2022/02/10 11:7 p.m.46 views

Missing Authentication for Critical Function in Apache TomEE

If Apache TomEE is configured to use the embedded ActiveMQ broker, and the broker URI includes the useJMX=true parameter, a JMX port is opened on TCP port 1099, which does not include authentication. This affects Apache TomEE 8.0.0-M1 - 8.0.1, Apache TomEE 7.1.0 - 7.1.2, Apache TomEE 7.0.0-M1 -...

9.8CVSS2.3AI score0.04115EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2022/02/09 10:44 p.m.9 views

GHSA-MP28-RQ7G-QX62 Remote code execution in Apache TomEE

If Apache TomEE 8.0.0-M1 - 8.0.3, 7.1.0 - 7.1.3, 7.0.0-M1 - 7.0.8, 1.0.0 - 1.7.5 is configured to use the embedded ActiveMQ broker, and the broker config is misconfigured, a JMX port is opened on TCP port 1099, which does not include authentication. CVE-2020-11969 previously addressed the creatio...

9.8CVSS7.2AI score0.03654EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/02/09 10:44 p.m.45 views

Remote code execution in Apache TomEE

If Apache TomEE 8.0.0-M1 - 8.0.3, 7.1.0 - 7.1.3, 7.0.0-M1 - 7.0.8, 1.0.0 - 1.7.5 is configured to use the embedded ActiveMQ broker, and the broker config is misconfigured, a JMX port is opened on TCP port 1099, which does not include authentication. CVE-2020-11969 previously addressed the creatio...

9.8CVSS2.1AI score0.03654EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/04/13 12:0 a.m.5 views

The vulnerability of the Apache TomEE application server, related to authentication errors, allows attackers to escalate their privileges, execute arbitrary code, or cause service failures.

The vulnerability of the Apache TomEE application server is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to increase their privileges, execute arbitrary code, or cause service failures...

9.8CVSS8AI score0.04115EPSS
Exploits0References8Affected Software1
OpenVAS
OpenVAS
added 2020/12/21 12:0 a.m.17 views

Apache TomEE JMX Vulnerability (CVE-2020-13931)

Apache TomEE is prone to a misconfiguration vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...

9.8CVSS9.5AI score0.03654EPSS
Exploits0References1
Veracode
Veracode
added 2020/12/18 6:47 a.m.23 views

Missing Authentication Due To Incorrect Configuration

Apache Tomee openejb-core has missing authentication. The vulnerability exists due to an incomplete fix of CVE-2020-11969 where when embedded ActiveMQ broker with URI setting useJMX=true is used, it causes JMX port to open on TCP port 1099, which does not include authentication...

9.8CVSS2.4AI score0.04115EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder