43 matches found

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2017-11806

Malware in sbrugna...

6.5 CVSS · 5.9 AI score · 0.00302 EPSS
Exploits 0 · References 6

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2016-5964

Malware in sbrugna...

9.8 CVSS · 9.1 AI score · 0.06972 EPSS
Exploits 0 · References 7

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2015-1940

Malware in sbrugna...

7.5 CVSS · 6.4 AI score · 0.00537 EPSS
Exploits 0 · References 5

EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2016-7270

Malware in sbrugna...

6.1 CVSS · 6.3 AI score · 0.00365 EPSS
Exploits 0 · References 6

vulnersOsv
added 2022/05/24 7:10 p.m. · 2 views

br.eti.clairton:ds-test (=0.4.0), com.bertoncelj.wildflysingletonservice:wildfly-singleton-service (>=1.1.0 <=1.2.1) +312 more potentially affected by CVE-2021-3642 via org.wildfly.security:wildfly-elytron (>=1.0.0.Alpha1 <=1.10.0.Final)

org.wildfly.security:wildfly-elytron MAVEN version =1.0.0.Alpha1, =1.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.6.0.Beta1, =1.0.0.Alpha4, =0.29.0.Final, =0.15.0.Final, =0.29.0.Final, =0.18.0.Final, =1.0.1.Final and more Source cves: CVE-2021-3642 Source advisory: OSV:GHSA-5499-QJVH-6...

5.3 CVSS · 6.4 AI score · 0.00267 EPSS
Exploits 0

OSV
added 2018/10/31 1:29 p.m. · 1 views

CVE-2016-6343

JBoss BPM Suite 6 is vulnerable to a reflected XSS via dashbuilder. Remote attackers can entice authenticated users that have privileges to access dashbuilder (usually admins) to click on links to /dashbuilder/Controller containing malicious scripts. Successful exploitation would allow execution of...

5.4 CVSS · 6 AI score · 0.00365 EPSS
Exploits 0 · References 4

Prion
added 2018/10/31 1:29 p.m. · 11 views

Cross site scripting

JBoss BPM Suite 6 is vulnerable to a reflected XSS via dashbuilder. Remote attackers can entice authenticated users that have privileges to access dashbuilder (usually admins) to click on links to /dashbuilder/Controller containing malicious scripts. Successful exploitation would allow execution of...

3.5 CVSS · 6.1 AI score · 0.00365 EPSS
Exploits 0 · References 4 · Affected Software 1

Cvelist
added 2018/10/31 1:0 p.m. · 13 views

CVE-2016-6343

JBoss BPM Suite 6 is vulnerable to a reflected XSS via dashbuilder. Remote attackers can entice authenticated users that have privileges to access dashbuilder (usually admins) to click on links to /dashbuilder/Controller containing malicious scripts. Successful exploitation would allow execution of...

6.1 CVSS · 6.2 AI score · 0.00365 EPSS
Exploits 0 · References 4

CVE
added 2018/10/31 1:0 p.m. · 53 views

CVE-2016-6343

CVE-2016-6343 affects Red Hat JBoss BPM Suite 6 (dashbuilder). A reflected XSS vulnerability allows an authenticated admin to click a malicious link at /dashbuilder/Controller and execute script code in the user’s browser. The issue relies on dashbuilder’s handling of input in that endpoint; expl...

6.1 CVSS · 5.7 AI score · 0.00365 EPSS
Exploits 0 · References 4 · Affected Software 1

Positive Technologies
added 2018/10/31 12:0 a.m. · 1 views

PT-2018-4938 · Red Hat · Jboss Bpm Suite

Name of the Vulnerable Software and Affected Versions: JBoss BPM Suite 6 Description: The issue allows remote attackers to perform a reflected XSS attack via dashbuilder. This can be achieved by enticing authenticated users, typically admins, to click on malicious links to the...

6.1 CVSS · 6 AI score · 0.00365 EPSS
Exploits 0 · References 5

OSV
added 2018/07/27 6:29 p.m. · 3 views

CVE-2017-2658

It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Services before 6.4.3 could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a use...

6.5 CVSS · 5.9 AI score · 0.00302 EPSS
Exploits 0 · References 4

NVD
added 2018/07/27 6:29 p.m. · 14 views

CVE-2017-2658

It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Services before 6.4.3 could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a use...

6.5 CVSS · 4.6 AI score · 0.00302 EPSS
Exploits 0 · References 4

Prion
added 2018/07/27 6:29 p.m. · 13 views

Design/Logic Flaw

It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Services before 6.4.3 could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a use...

4.3 CVSS · 6.6 AI score · 0.00302 EPSS
Exploits 0 · References 4 · Affected Software 2

CVE
added 2018/07/27 6:0 p.m. · 63 views

CVE-2017-2658

The CVE affects Red Hat JBoss BPM Suite <6.4.2 and JBoss Data Virtualization & Services

6.5 CVSS · 6.7 AI score · 0.00302 EPSS
Exploits 0 · References 4 · Affected Software 2

Cvelist
added 2018/07/27 6:0 p.m. · 13 views

CVE-2017-2658

It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Services before 6.4.3 could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a use...

2.6 CVSS · 6.4 AI score · 0.00302 EPSS
Exploits 0 · References 4

Positive Technologies
added 2018/07/27 12:0 a.m. · 2 views

PT-2018-7163 · Red Hat · Red Hat Jboss Data Virtualization & Services +1

Name of the Vulnerable Software and Affected Versions: Red Hat JBoss BPM Suite versions prior to 6.4.2 Red Hat JBoss Data Virtualization & Services versions prior to 6.4.3 Description: A security issue was found in the Dashbuilder login page, which could be opened in an IFRAME. This allowed for t...

6.5 CVSS · 5.3 AI score · 0.00302 EPSS
Exploits 0 · References 5

RedHat Linux
added 2018/07/23 7:28 p.m. · 3 views

Dashbuilder: Lack of clickjacking protection on the login page

It was discovered that the Dashbuilder login page could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a user into performing arbitrary actions in the Console clickjacking...

6.5 CVSS · 5.9 AI score · 0.00302 EPSS
Exploits 0 · References 4

RedHat Linux
added 2018/02/13 3:48 p.m. · 3 views

Dashbuilder: Reflected XSS

JBoss BPM Suite 6 is vulnerable to a reflected XSS via dashbuilder. Remote attackers can entice authenticated users that have privileges to access dashbuilder (usually admins) to click on links to /dashbuilder/Controller containing malicious scripts. Successful exploitation would allow execution of...

6.1 CVSS · 6.1 AI score · 0.00365 EPSS
Exploits 0 · References 4

RedHat Linux
added 2018/02/13 3:48 p.m. · 4 views

Dashbuilder: insecure handling of CSRF token

It has been reported that CSRF tokens are not properly handled in JBoss BPM suite dashbuilder. Old tokens generated during an active session can be used to bypass CSRF protection. In addition, the tokens are sent in query string so they can be exposed through the browser's history, referrers, web...

8.8 CVSS · 5.7 AI score · 0.00093 EPSS
Exploits 0 · References 4

CNVD
added 2017/03/27 12:0 a.m. · 2 views

Red Hat Dashbuilder Clickjacking Vulnerability

Red Hat Dashbuilder is an open source platform for building business dashboards and reports, developed by the US company Red Hat. A clickjacking vulnerability exists in Red Hat Dashbuilder. An unauthenticated attacker could exploit the vulnerability to compromise an affecte...

6.5 CVSS · 6.8 AI score · 0.00302 EPSS
Exploits 0 · References 1