16 matches found

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2022-4802

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 6.3 | EPSS 0.00546
Exploits: 0 | References: 12

Github Security Blog
added 2022/05/17 5:17 a.m. | 36 views

User confusion in IronJacamar

The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-users is enabled in conjunction with a security domain, does not use the credentials supplied in a getConnection function call, which allows remote attackers to obtain access to an arbitrary datasource...

CVSS 4.3 | AI score 7 | EPSS 0.00546
Exploits: 0 | References: 10 | Affected Software: 1

OSV
added 2022/05/17 5:17 a.m. | 29 views

GHSA-PPG2-WW3W-HQ84 User confusion in IronJacamar

The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-users is enabled in conjunction with a security domain, does not use the credentials supplied in a getConnection function call, which allows remote attackers to obtain access to an arbitrary datasource...

CVSS 4.3 | AI score 6.3 | EPSS 0.00546
Exploits: 0 | References: 9

Veracode
added 2019/05/02 4:43 a.m. | 46 views

Access Restriction Bypass

JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for JBoss Enterprise Application Platform 6.0.0, and includes bug fixes and enhancements. Refer to the 6.0.1 Release Notes for information on the...

CVSS 10 | AI score 6 | EPSS 0.52581
Exploits: 7 | References: 11 | Affected Software: 204

Veracode
added 2019/05/02 4:43 a.m. | 36 views

Access Restriction Bypass

JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for JBoss Enterprise Application Platform 6.0.0, and includes bug fixes and enhancements. Refer to the 6.0.1 Release Notes for information on the...

CVSS 10 | AI score 6 | EPSS 0.52581
Exploits: 7 | References: 11 | Affected Software: 204

Veracode
added 2018/11/07 8:1 a.m. | 17 views

Authorization Bypass

IronJacamar is vulnerable to an authorization bypass. The library does not use the credentials given in the getConnection function, allowing a malicious user to gain access to a datasource connection by attempting an invalid connection...

CVSS 4.3 | AI score 6.3 | EPSS 0.00546
Exploits: 0 | References: 10 | Affected Software: 206

Tenable Nessus
added 2013/01/24 12:0 a.m. | 59 views

RHEL 5 : JBoss EAP (RHSA-2012:1591)

Updated JBoss Enterprise Application Platform 6.0.1 packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability...

CVSS 10 | AI score 6.4 | EPSS 0.52581
Exploits: 7 | References: 20

NVD
added 2012/12/20 12:2 p.m. | 23 views

CVE-2012-3428

The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-users is enabled in conjunction with a security domain, does not use the credentials supplied in a getConnection function call, which allows remote attackers to obtain access to an arbitrary datasource...

CVSS 4.3 | AI score 6.6 | EPSS 0.00546
Exploits: 0 | References: 8

Prion
added 2012/12/20 12:2 p.m. | 19 views

Design/Logic Flaw

The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-users is enabled in conjunction with a security domain, does not use the credentials supplied in a getConnection function call, which allows remote attackers to obtain access to an arbitrary datasource...

CVSS 4.3 | AI score 7.2 | EPSS 0.00546
Exploits: 0 | References: 8 | Affected Software: 1

CVE
added 2012/12/20 11:0 a.m. | 68 views

CVE-2012-3428

The CVE-2012-3428 issue affects the IronJacamar container prior to 1.0.12.Final used with JBoss AS. When allow-multiple-users is enabled alongside a security domain, the credentials passed to getConnection are not used, potentially enabling an attacker to obtain access to an arbitrary datasource ...

CVSS 4.3 | AI score 6.6 | EPSS 0.00546
Exploits: 0 | References: 8 | Affected Software: 1

Cvelist
added 2012/12/20 11:0 a.m. | 21 views

CVE-2012-3428

The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-users is enabled in conjunction with a security domain, does not use the credentials supplied in a getConnection function call, which allows remote attackers to obtain access to an arbitrary datasource...

AI score 6.6 | EPSS 0.00546
Exploits: 0 | References: 8

RedHat Linux
added 2012/12/18 10:43 p.m. | 69 views

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 6.0.1 update

JBoss Enterprise Application Platform 6.0.1, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring...

CVSS 10 | AI score 6.8 | EPSS 0.52581
Exploits: 10 | References: 12

RedHat Linux
added 2012/12/18 10:43 p.m. | 3 views

JBoss: Datasource connection manager returns valid connection for wrong credentials when using security-domains

The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-users is enabled in conjunction with a security domain, does not use the credentials supplied in a getConnection function call, which allows remote attackers to obtain access to an arbitrary datasource...

CVSS 4.3 | AI score 5.8 | EPSS 0.00546
Exploits: 0 | References: 4

RedHat Linux
added 2012/12/18 10:23 p.m. | 54 views

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 6.0.1 update

Updated JBoss Enterprise Application Platform 6.0.1 packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability...

CVSS 10 | AI score 6.3 | EPSS 0.52581
Exploits: 7 | References: 10

RedHat Linux
added 2012/12/18 10:23 p.m. | 2 views

JBoss: Datasource connection manager returns valid connection for wrong credentials when using security-domains

The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-users is enabled in conjunction with a security domain, does not use the credentials supplied in a getConnection function call, which allows remote attackers to obtain access to an arbitrary datasource...

CVSS 4.3 | AI score 5.8 | EPSS 0.00546
Exploits: 0 | References: 4

RedHat Linux
added 2012/12/18 10:17 p.m. | 100 views

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 6.0.1 update

Updated JBoss Enterprise Application Platform 6.0.1 packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability...

CVSS 10 | AI score 6.3 | EPSS 0.52581
Exploits: 7 | References: 10