CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

7 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-4802

Malicious code in bioql PyPI...

4.3CVSS6.3AI score0.00546EPSS

Exploits0References12

Github Security Blog•added 2022/05/17 5:17 a.m.•32 views

User confusion in IronJacamar

The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-users is enabled in conjunction with a security domain, does not use the credentials supplied in a getConnection function call, which allows remote attackers to obtain access to an arbitrary datasource...

4.3CVSS7AI score0.00546EPSS

Exploits0References10Affected Software1

OSV•added 2022/05/17 5:17 a.m.•28 views

GHSA-PPG2-WW3W-HQ84 User confusion in IronJacamar

The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-users is enabled in conjunction with a security domain, does not use the credentials supplied in a getConnection function call, which allows remote attackers to obtain access to an arbitrary datasource...

4.3CVSS6.3AI score0.00546EPSS

Exploits0References9

NVD•added 2012/12/20 12:2 p.m.•20 views

CVE-2012-3428

The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-users is enabled in conjunction with a security domain, does not use the credentials supplied in a getConnection function call, which allows remote attackers to obtain access to an arbitrary datasource...

4.3CVSS6.6AI score0.00546EPSS

Exploits0References8

Prion•added 2012/12/20 12:2 p.m.•17 views

Design/Logic Flaw

The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-users is enabled in conjunction with a security domain, does not use the credentials supplied in a getConnection function call, which allows remote attackers to obtain access to an arbitrary datasource...

4.3CVSS7.2AI score0.00546EPSS

Exploits0References8Affected Software1

RedHat Linux•added 2012/12/18 10:43 p.m.•3 views

JBoss: Datasource connection manager returns valid connection for wrong credentials when using security-domains

The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-users is enabled in conjunction with a security domain, does not use the credentials supplied in a getConnection function call, which allows remote attackers to obtain access to an arbitrary datasource...

4.3CVSS5.8AI score0.00546EPSS

Exploits0References4

RedHat Linux•added 2012/12/18 10:17 p.m.•4 views

JBoss: Datasource connection manager returns valid connection for wrong credentials when using security-domains

The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-users is enabled in conjunction with a security domain, does not use the credentials supplied in a getConnection function call, which allows remote attackers to obtain access to an arbitrary datasource...

4.3CVSS5.8AI score0.00546EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by