Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

345 matches found

NVD
NVDadded 2020/09/16 7:15 p.m.16 views

CVE-2020-10718

A flaw was found in Wildfly before wildfly-embedded-13.0.0.Final, where the embedded managed process API has an exposed setting of the Thread Context Classloader TCCL. This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is ...

7.5CVSS0.0027EPSS
Exploits0References1
Cvelist
Cvelistadded 2020/09/16 6:6 p.m.19 views

CVE-2020-10718

A flaw was found in Wildfly before wildfly-embedded-13.0.0.Final, where the embedded managed process API has an exposed setting of the Thread Context Classloader TCCL. This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is ...

8.4AI score0.0027EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2020/09/16 12:0 a.m.2 views

PT-2020-12297 · Red Hat · Wildfly

Name of the Vulnerable Software and Affected Versions: Wildfly versions prior to 13.0.0.Final Description: A flaw was found in the embedded managed process API, where the Thread Context Classloader TCCL setting is exposed as a public method. This exposure can bypass the security manager, posing a...

7.5CVSS6.7AI score0.0027EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2020/09/07 1:5 p.m.1 views

wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API

A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader TCCL. This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality...

7.5CVSS5.7AI score0.0027EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2020/09/07 12:58 p.m.1 views

wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API

A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader TCCL. This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality...

7.5CVSS5.7AI score0.0027EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2020/09/07 12:58 p.m.2 views

wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API

A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader TCCL. This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality...

7.5CVSS5.7AI score0.0027EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2020/09/07 12:57 p.m.1 views

wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API

A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader TCCL. This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality...

7.5CVSS5.7AI score0.0027EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2020/09/02 9:47 a.m.3 views

wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API

A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader TCCL. This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality...

7.5CVSS5.7AI score0.0027EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2020/09/01 2:41 p.m.3 views

apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default

A flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is not suppressed by default. This flaw allows an attacker to access the classloader...

7.5CVSS6.8AI score0.01215EPSS
Exploits1References5
RedHat Linux
RedHat Linuxadded 2020/08/18 4:34 p.m.1 views

wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API

A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader TCCL. This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality...

7.5CVSS5.7AI score0.0027EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2020/08/17 1:28 p.m.2 views

wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API

A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader TCCL. This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality...

7.5CVSS5.7AI score0.0027EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2020/08/17 1:28 p.m.2 views

wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API

A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader TCCL. This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality...

7.5CVSS5.7AI score0.0027EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2020/08/17 1:28 p.m.2 views

wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API

A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader TCCL. This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality...

7.5CVSS5.7AI score0.0027EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2020/08/17 1:25 p.m.2 views

wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API

A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader TCCL. This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality...

7.5CVSS5.7AI score0.0027EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2020/07/29 6:21 a.m.2 views

apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default

A flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is not suppressed by default. This flaw allows an attacker to access the classloader...

7.5CVSS6.8AI score0.01215EPSS
Exploits1References5
RedHat Linux
RedHat Linuxadded 2020/07/28 3:54 p.m.2 views

apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default

A flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is not suppressed by default. This flaw allows an attacker to access the classloader...

7.5CVSS6.8AI score0.01215EPSS
Exploits1References5
RedHat Linux
RedHat Linuxadded 2020/06/24 5:2 p.m.2 views

apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default

A flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is not suppressed by default. This flaw allows an attacker to access the classloader...

7.5CVSS6.8AI score0.01215EPSS
Exploits1References5
RedHat Linux
RedHat Linuxadded 2020/06/19 1:47 a.m.1 views

apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default

A flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is not suppressed by default. This flaw allows an attacker to access the classloader...

7.5CVSS6.8AI score0.01215EPSS
Exploits1References5
OSV
OSVadded 2020/06/15 8:36 p.m.2 views

GHSA-6PHF-73Q6-GH87 Insecure Deserialization in Apache Commons Beanutils

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean...

7.3CVSS6.8AI score0.01215EPSS
Exploits1References57
RedHat Linux
RedHat Linuxadded 2020/06/11 9:3 a.m.0 views

SmallRye: SecuritySupport class is incorrectly public and contains a static method to access the current threads context class loader

A flaw was found in SmallRye's API through version 1.6.1. The API can allow other code running within the application server to potentially obtain the ClassLoader, bypassing any permissions checks that should have been applied. The largest threat from this vulnerability is a threat to data...

4.4CVSS5.8AI score0.00038EPSS
Exploits0References4
Rows per page
Query Builder