Lucene search
+L

148 matches found

prion
prion
added 2017/11/09 5:29 p.m.34 views

Input validation

Red Hat JBoss A-MQ 6.x; BPM Suite BPMS 6.x; BRMS 6.x and 5.x; Data Grid JDG 6.x; Data Virtualization JDV 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works FSW 6.x; Operations Network JBoss ON 3.x; Portal 6.x; SOA Platform SOA-P 5.x; Web Server JWS 3.x;...

10CVSS7.9AI score0.83274EPSS
Exploits8References28Affected Software15
debiancve
debiancve
added 2017/11/09 12:0 a.m.58 views

CVE-2015-7501

Red Hat JBoss A-MQ 6.x; BPM Suite BPMS 6.x; BRMS 6.x and 5.x; Data Grid JDG 6.x; Data Virtualization JDV 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works FSW 6.x; Operations Network JBoss ON 3.x; Portal 6.x; SOA Platform SOA-P 5.x; Web Server JWS 3.x;...

10CVSS10AI score0.83274EPSS
Exploits8
redhat
redhat
added 2017/10/12 9:59 p.m.147 views

Important: Red Hat Security Advisory: Red Hat JBoss BRMS 6.4.6 security update

An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8CVSS7.4AI score0.8904EPSS
Exploits5References5
redhat
redhat
added 2017/08/29 7:40 p.m.61 views

Important: Red Hat Security Advisory: Red Hat JBoss BRMS 6.4.5 security update

An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8CVSS7.2AI score0.37925EPSS
Exploits7References6
redhat
redhat
added 2017/07/04 6:0 p.m.37 views

Moderate: Red Hat Security Advisory: Red Hat JBoss BRMS security update

An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8CVSS7.2AI score0.07501EPSS
Exploits0References5
checkpoint_advisories
checkpoint_advisories
added 2017/05/22 12:0 a.m.38 views

Red Hat JBoss BPM Suite BRMS Tasks List Cross-Site Scripting (CVE-2017-2674)

A cross-site scripting vulnerability exists in Red Hat JBoss BPM Suite and JBoss BRMS. The vulnerability is due to insufficient validation of user supplied input within the Tasks List component of business-central. An authenticated attacker can exploit this vulnerability by creating a malicious...

3.5CVSS5.3AI score0.01295EPSS
Exploits0
redhat
redhat
added 2017/05/09 5:13 p.m.42 views

Moderate: Red Hat Security Advisory: Red Hat JBoss BRMS security update

An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

6.1CVSS6.6AI score0.01818EPSS
Exploits0References4
prion
prion
added 2017/04/20 9:59 p.m.22 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page...

6.8CVSS7.5AI score0.00625EPSS
Exploits0References1Affected Software2
nvd
nvd
added 2017/04/20 9:59 p.m.27 views

CVE-2016-5401

Cross-site request forgery CSRF vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page...

8.8CVSS8.8AI score0.00625EPSS
Exploits0References1
osv
osv
added 2017/04/20 9:59 p.m.7 views

CVE-2016-5401

Cross-site request forgery CSRF vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page...

8.8CVSS5.8AI score0.00625EPSS
Exploits0References1
cvelist
cvelist
added 2017/04/20 9:0 p.m.31 views

CVE-2016-5401

Cross-site request forgery CSRF vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page...

8.9AI score0.00625EPSS
Exploits0References1
cve
cve
added 2017/04/20 9:0 p.m.52 views

CVE-2016-5401

CVE-2016-5401 is a CSRF vulnerability in Red Hat JBoss BRMS and BPMS 6. The flaw allows remote attackers to hijack user authentication to perform state-changing requests on the affected application via a crafted web page. Connected sources confirm the affected products are JBoss BRMS/BPMS 6, but ...

8.8CVSS8.8AI score0.00625EPSS
Exploits0References1Affected Software2
redhatcve
redhatcve
added 2017/04/06 3:18 p.m.26 views

CVE-2017-7463

JBoss BRMS 6 and BPM Suite 6 are vulnerable to a reflected XSS via artifact upload. A malformed XML file, if uploaded, causes an error message to appear that includes part of the bad XML code verbatim without filtering out scripts. Successful exploitation would allow execution of script code with...

6.1CVSS6.1AI score0.01818EPSS
Exploits0References1
redhatcve
redhatcve
added 2017/04/06 3:18 p.m.25 views

CVE-2017-2674

JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via several lists in Business Central. The flaw is due to lack of sanitation of user input when creating new lists. Remote, authenticated attackers that have privileges to create lists can store scripts in them, which are not properly...

6.1CVSS5.2AI score0.01295EPSS
Exploits0References1
redhat
redhat
added 2017/02/02 8:33 p.m.37 views

Moderate: Red Hat Security Advisory: Red Hat JBoss BRMS security update

An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.8CVSS6.7AI score0.04758EPSS
Exploits0References5
redhat
redhat
added 2016/12/08 7:56 p.m.37 views

Moderate: Red Hat Security Advisory: Red Hat JBoss BRMS security update

An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

6.8CVSS6.7AI score0.03956EPSS
Exploits0References3
redhat
redhat
added 2016/11/28 5:55 p.m.40 views

Moderate: Red Hat Security Advisory: Red Hat JBoss BRMS security update

An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS6.6AI score0.08179EPSS
Exploits0References5
redhatcve
redhatcve
added 2016/11/28 5:47 p.m.34 views

CVE-2016-8608

JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before...

5.4CVSS5.4AI score0.01259EPSS
Exploits0References1
redhat
redhat
added 2016/09/28 10:29 p.m.37 views

Moderate: Red Hat Security Advisory: Red Hat JBoss BRMS security update

An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

5.4CVSS6.1AI score0.00847EPSS
Exploits0References3
redhatcve
redhatcve
added 2016/09/06 4:48 a.m.28 views

CVE-2016-7033

JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via dashbuilder. Remote, authenticated attackers that have privileges to access dashbuilder usually admins can store scripts in several editable fields, which are not properly sanitized before showing to other users, including other admi...

6.1CVSS5.4AI score0.01543EPSS
Exploits0References1
Rows per page
Query Builder