71 matches found
EUVD-2016-6346
Malware in sbrugna...
EUVD-2017-11817
Malware in sbrugna...
EUVD-2017-16487
Malware in sbrugna...
EUVD-2010-3836
Malware in sbrugna...
EUVD-2016-9455
Malware in sbrugna...
K63443590: Apache Commons FileUpload vulnerability CVE-2013-2186
Security Advisory Description: The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized...
GHSA-QX6H-9567-5FQW Arbitrary file write in Apache Commons Fileupload
The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance...
Arbitrary file write in Apache Commons Fileupload
The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance...
CVE-2012-5626
An EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; and Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation...
CVE-2012-5626
The CVE-2012-5626 entry refers to an EJB method in Red Hat products (BRMS 5; JBoss EAP 5; JBoss Operations Network 3.1; JBoss Portal 4/5; JBoss SOA Platform 4.2–5; JBoss Enterprise Web Server 1) that ignores roles specified via the @RunAs annotation. The underlying issue is a role-handling flaw i...
CVE-2012-5626
An EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; and Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation...
CVE-2010-3857
JBoss BRMS before 5.1.0 has a XSS vulnerability via asset=UUID parameter...
Cross site scripting
JBoss BRMS before 5.1.0 has a XSS vulnerability via asset=UUID parameter...
CVE-2010-3857
JBoss BRMS before 5.1.0 has an XSS vulnerability via the asset=UUID parameter. The issue stems from a lack of proper validation of client-side data by the web application, enabling an attacker to execute client-side code. Affected product: Red Hat JBoss BRMS prior to 5.1.0. Impact is XSS; CVSS sc...
CVE-2010-3857
JBoss BRMS before 5.1.0 has a XSS vulnerability via asset=UUID parameter...
Important: Red Hat Security Advisory: Red Hat JBoss BRMS 6.4.12 security update
An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Important: Red Hat Security Advisory: Red Hat JBoss BRMS 6.4.11 security update
An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
CVE-2016-8608
JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before...
CVE-2016-8608
JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before...
CVE-2016-8608
CVE-2016-8608 applies to Red Hat JBoss BRMS 6 and BPM Suite 6. The flaw is a stored XSS in the business process editor caused by an incomplete fix for CVE-2016-5398. Remote, authenticated users with privileges to create business processes can store scripts that are not properly sanitized before d...