Lucene search
K

917 matches found

RedHat Linux
RedHat Linux
added 2009/07/06 11:41 a.m.62 views

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 4.3.0.CP05 update

Updated JBoss Enterprise Application Platform JBEAP 4.3 packages that fix various issues are now available for Red Hat Enterprise Linux 5 as JBEAP 4.3.0.CP05. This update has been rated as having important security impact by the Red Hat Security Response Team. JBoss Enterprise Application Platfor...

5CVSS6.2AI score0.9444EPSS
Exploits6References6
seebug.org
seebug.org
added 2009/06/17 12:0 a.m.39 views

XOOPS <= 2.3.3 Remote File Disclosure Vulnerability (.htaccess)

No description provided by source. ======================================================================== XOOPS = 2.3.3 Remote Arbitrary File Retrieval ======================================================================== Affected Software : XOOPS = 2.3.3 Author : Luca "daath" De Fulgentis -...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2009/06/05 12:0 a.m.41 views

RedHat Security Advisory RHSA-2009:1067

The remote host is missing updates announced in advisory RHSA-2009:1067. Red Hat Application Stack v2.3 is an integrated open source application stack, that includes Red Hat Enterprise Linux 5 and JBoss Enterprise Application Platform EAP. JBoss EAP is provided through the JBoss EAP channels on t...

7.5CVSS8.2AI score0.10242EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2009/06/05 12:0 a.m.39 views

RedHat Security Advisory RHSA-2009:1067

The remote host is missing updates announced in advisory RHSA-2009:1067. Red Hat Application Stack v2.3 is an integrated open source application stack, that includes Red Hat Enterprise Linux 5 and JBoss Enterprise Application Platform EAP. JBoss EAP is provided through the JBoss EAP channels on t...

7.5CVSS7.9AI score0.10242EPSS
Exploits8References2
Cvelist
Cvelist
added 2009/03/09 9:0 p.m.25 views

CVE-2009-0027

The request handler in JBossWS in JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP06 and 4.3 before 4.3.0.CP04 does not properly validate the resource path during a request for a WSDL file with a custom web-service endpoint, which allows remote attackers to read...

6.4AI score0.01805EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2009/03/06 5:15 p.m.5 views

Moderate: Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0CP06 update

Updated JBoss Enterprise Application Platform JBoss EAP 4.2 packages that fix various issues are now available for Red Hat Enterprise Linux 4 as JBEAP 4.2.0.CP06. This update has been rated as having moderate security impact by the Red Hat Security Response Team. JBoss Enterprise Application...

5CVSS5.9AI score0.01805EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2009/03/06 5:15 p.m.4 views

JBoss EAP unprivileged local xml file access

The request handler in JBossWS in JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP06 and 4.3 before 4.3.0.CP04 does not properly validate the resource path during a request for a WSDL file with a custom web-service endpoint, which allows remote attackers to read...

5CVSS5.9AI score0.01805EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/09/22 1:27 p.m.4 views

JBossEAP allows download of non-EJB class files

The default configuration of the JBossAs component in Red Hat JBoss Enterprise Application Platform aka JBossEAP or EAP, possibly 4.2 before CP04 and 4.3 before CP02, when a production environment is enabled, sets the DownloadServerClasses property to true, which allows remote attackers to obtain...

5CVSS7.4AI score0.47111EPSS
Exploits7References4
RedHat Linux
RedHat Linux
added 2008/09/22 1:15 p.m.10 views

Low: Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0CP04 security update

Updated JBoss Enterprise Application Platform JBEAP 4.2 packages that fix various security issues are now available for Red Hat Enterprise Linux 5 as JBEAP 4.2.0.CP04. This update has been rated as having low security impact by the Red Hat Security Response Team. JBoss Enterprise Application...

6.4CVSS6.2AI score0.05156EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2008/09/22 12:50 p.m.6 views

Low: Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0CP04 security update

Updated JBoss Enterprise Application Platform JBEAP 4.2 packages that fix various security issues are now available for Red Hat Enterprise Linux 4 as JBEAP 4.2.0.CP04. This update has been rated as having low security impact by the Red Hat Security Response Team. JBoss Enterprise Application...

6.4CVSS6.2AI score0.05156EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2008/09/22 12:50 p.m.6 views

JBossEAP allows download of non-EJB class files

The default configuration of the JBossAs component in Red Hat JBoss Enterprise Application Platform aka JBossEAP or EAP, possibly 4.2 before CP04 and 4.3 before CP02, when a production environment is enabled, sets the DownloadServerClasses property to true, which allows remote attackers to obtain...

5CVSS7.4AI score0.47111EPSS
Exploits7References4
NVD
NVD
added 2008/08/10 8:41 p.m.26 views

CVE-2008-3273

JBoss Enterprise Application Platform aka JBossEAP or EAP before 4.2.0.CP03, and 4.3.0 before 4.3.0.CP01, allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string...

5CVSS5.9AI score0.47111EPSS
Exploits6References12
Cvelist
Cvelist
added 2008/08/10 8:0 p.m.34 views

CVE-2008-3273

JBoss Enterprise Application Platform aka JBossEAP or EAP before 4.2.0.CP03, and 4.3.0 before 4.3.0.CP01, allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string...

5.8AI score0.47111EPSS
Exploits6References12
seebug.org
seebug.org
added 2008/08/06 12:0 a.m.60 views

JBoss Enterprise Application Platform信息泄漏漏洞

BUGTRAQ ID: 30540 CVE ID:CVE-2008-3273 CVE-2008-1285 CNCVE ID:CNCVE-20083273 CNCVE-20081285 JBoss Enterprise Application Platform是一款企业级应用平台。 JBoss Enterprise Application Platform存在信息泄漏问题,远程攻击者可以利用漏洞获得配置的WEB上下文,或进行跨站脚本攻击。 -JavaServer Faces JSF组件存在多个跨站脚本攻击,可导致注入任意WEB脚本或HTML。...

5CVSS0.47111EPSS
Exploits6
RedHat Linux
RedHat Linux
added 2008/08/05 7:54 a.m.6 views

Moderate: Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0.CP03 security update

Updated JBoss Enterprise Application Platform JBoss EAP packages that resolve several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. JBoss EAP is a middleware platform for Java ...

5CVSS7.4AI score0.47111EPSS
Exploits6References4
RedHat Linux
RedHat Linux
added 2008/08/05 7:54 a.m.5 views

JBossEAP status servlet info leak

JBoss Enterprise Application Platform aka JBossEAP or EAP before 4.2.0.CP03, and 4.3.0 before 4.3.0.CP01, allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string...

5CVSS7.4AI score0.47111EPSS
Exploits6References4
RedHat Linux
RedHat Linux
added 2008/04/02 8:44 p.m.13 views

Moderate: Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0CP02 security update

Updated JBoss Enterprise Application Platform JBEAP packages that fix several security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. JBoss Enterprise Application Platform JBEAP is a middleware platform for Java 2...

9.3CVSS6.1AI score0.39681EPSS
Exploits7References5
Rows per page
Query Builder