17 matches found
EUVD-2014-7693
Malware in sbrugna...
EUVD-2013-0252
Malware in sbrugna...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.13 (RHSA-2025:4437)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:4437 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
RHSA-2025:3989 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.7 security update
Bulletin has no description...
CVE-2025-2251 Org.jboss.eap:wildfly-ejb3: improper deserialization in jboss marshalling allows remote code execution
A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted...
PT-2025-15231 · Red Hat · Red Hat Jboss Enterprise Application Platform +1
Name of the Vulnerable Software and Affected Versions: WildFly (affected versions not specified); JBoss Enterprise Application Platform (EAP) (affected versions not specified). Description: A security flaw exists within the Enterprise JavaBeans (EJB) remote invocation mechanism, stemming from untrusted dat...
RHSA-2014:1834 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 5.2.0 security update
Bulletin has no description...
Authorization Bypass
jboss-as-security is vulnerable to authorization bypass attacks. The vulnerability exists as the org.jboss.security.plugins.mapping.JBossMappingManager implementation in JBoss Security in Red Hat JBoss Enterprise Application Platform (EAP) before 6.3.3 uses the default security domain when a securi...
Stored XSS in business process editor
JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before...
Moderate: Red Hat Security Advisory: jbossweb security update
An update for JBoss Enterprise Web Platform 5.2.0 which fixes multiple security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...
Important: Red Hat Security Advisory: JBoss Enterprise BRMS Platform 5.3.1 update
JBoss Enterprise BRMS Platform 5.3.1, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVS...
Important: Red Hat Security Advisory: jbossas security update
An update for JBoss Enterprise Web Platform 5.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a...
Moderate: Red Hat Security Advisory: jbossas security update
An update for JBoss Enterprise Web Platform 5.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a...
Important: Red Hat Security Advisory: jbossws-common security update
An updated jbossws-common.jar file for JBoss Enterprise Portal Platform 5.1.1 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS)...
Important: Red Hat Security Advisory: JBoss Communications Platform 1.2.11 and 5.1.1 security update
An updated JBoss Web Services Native component for JBoss Communications Platform 1.2.11 and 5.1.1 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability...
Important: Red Hat Security Advisory: JBoss Enterprise SOA Platform 4.3.CP04 and 5.0.2 security update
Updated jbossweb-2.0.0.jar and jbossweb-2.1.10.jar files for JBoss Enterprise SOA Platform 4.3.CP04 and 5.0.2 that fix one security issue are now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common...
Update JBoss 308 & 321: Remote Command Injection
Hi Adam, thanks for the question, here is the answer: just downloaded the 3.0.8 from Jboss.org and changed the port of the exploit code from 1701 to 1476, which is the HSQL port in Version 3.0.8 of JBoss. I can confirm that JBOSS 3.0.8 is also...