
62 matches found

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2020-6451

Malware in sbrugna...

CVSS 6.5, AI score 6.3, EPSS 0.00205
Exploits: 0, References: 8

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2013-1915

Malware in sbrugna...

CVSS 1.9, AI score 6.1, EPSS 0.0008
Exploits: 0, References: 12

Tenable Nessus
added 2023/01/23 12:0 a.m., 49 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 7 (Moderate) (RHSA-2020:4246)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4246 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

CVSS 6.5, AI score 6.8, EPSS 0.00423
Exploits: 0, References: 47

RedHat Linux
added 2020/12/16 7:20 a.m., 88 views

Important: Red Hat Security Advisory: Red Hat build of Thorntail 2.7.2 security and bug fix update

An update is now available for Red Hat build of Thorntail. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more...

CVSS 7.5, AI score 6.6, EPSS 0.00676
Exploits: 0, References: 8

RedHat Linux
added 2020/11/04 7:24 p.m., 2 views

picketbox: JBoss EAP reload to admin-only mode allows authentication bypass

A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user...

CVSS 6.5, AI score 5.8, EPSS 0.00205
Exploits: 0, References: 4

RedHat Linux
added 2020/11/04 7:24 p.m., 76 views

Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.4.3 security update

A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 8.1, AI score 6.5, EPSS 0.00423
Exploits: 0, References: 9

OSV
added 2020/10/16 2:15 p.m., 1 view

CVE-2020-14299

A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user...

CVSS 6.5, AI score 6.7
Exploits: 0, References: 1

NVD
added 2020/10/16 2:15 p.m., 20 views

CVE-2020-14299

A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user...

CVSS 6.5, EPSS 0.00205
Exploits: 0, References: 1

Prion
added 2020/10/16 2:15 p.m., 20 views

Authentication flaw

A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user...

CVSS 6.3, AI score 6.6, EPSS 0.00205
Exploits: 0, References: 1, Affected Software: 2

Cvelist
added 2020/10/16 1:10 p.m., 22 views

CVE-2020-14299

A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user...

AI score 6.4, EPSS 0.00205
Exploits: 0, References: 1

CVE
added 2020/10/16 1:10 p.m., 94 views

CVE-2020-14299

CVE-2020-14299 affects Red Hat JBoss Enterprise Application Platform (EAP). The flaw stems from using a legacy SecurityRealm delegating to a legacy PicketBox SecurityDomain and reloading to admin-only mode, enabling complete authentication bypass with an arbitrary user/password. The impact is des...

CVSS 6.5, AI score 6.3, EPSS 0.00205
Exploits: 0, References: 1, Affected Software: 3

Veracode
added 2020/10/14 4:33 a.m., 26 views

Authentication Bypass

picketbox is vulnerable to authentication bypass. An attacker is able to bypass authentication via JBoss EAP reload to admin-only mode...

CVSS 6.5, AI score 4.2, EPSS 0.00205
Exploits: 0, References: 5, Affected Software: 29

RedhatCVE
added 2020/10/13 8:16 p.m., 24 views

CVE-2020-14299

A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user...

CVSS 6.5, AI score 3.2, EPSS 0.00205
Exploits: 0, References: 3

RedHat Linux
added 2020/10/13 5:1 p.m., 2 views

picketbox: JBoss EAP reload to admin-only mode allows authentication bypass

A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user...

CVSS 6.5, AI score 5.8, EPSS 0.00205
Exploits: 0, References: 4

RedHat Linux
added 2020/10/13 4:50 p.m., 3 views

picketbox: JBoss EAP reload to admin-only mode allows authentication bypass

A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user...

CVSS 6.5, AI score 5.8, EPSS 0.00205
Exploits: 0, References: 4

RedHat Linux
added 2020/10/13 4:49 p.m., 3 views

picketbox: JBoss EAP reload to admin-only mode allows authentication bypass

A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user...

CVSS 6.5, AI score 5.8, EPSS 0.00205
Exploits: 0, References: 4

Veracode
added 2019/01/15 8:52 a.m., 22 views

Information Disclosure

JBoss SX and PicketBox are vulnerable to information disclosure. The audit.log file, which stores logs containing confidential information, is world-readable. This allows a local user to read the log file and obtain sensitive information such as usernames and passwords...

CVSS 2.1, AI score 8.3, EPSS 0.00053
Exploits: 0, References: 27, Affected Software: 76

RedHat Linux
added 2015/05/14 3:14 p.m., 3 views

PicketBox/JBossSX: Unauthorized access to and modification of application server configuration and state by application

It was identified that PicketBox/JBossSX allowed any deployed application to alter or read the underlying application server configuration and state without any authorization checks. An attacker able to deploy applications could use this flaw to circumvent security constraints applied to other...

CVSS 3.6, AI score 6, EPSS 0.00207
Exploits: 0, References: 4

RedHat Linux
added 2015/05/14 3:14 p.m., 3 views

JBossSX/PicketBox: World readable audit.log file

It was found that the security auditing functionality provided by PicketBox and JBossSX, both security frameworks for Java applications, used a world-readable audit.log file to record sensitive information. A local user could possibly use this flaw to gain access to the sensitive information in t...

CVSS 2.1, AI score 5.7, EPSS 0.00053
Exploits: 0, References: 4

RedHat Linux
added 2015/05/14 3:14 p.m., 65 views

Important: Red Hat Security Advisory: Red Hat JBoss Portal 6.2.0 update

Red Hat JBoss Portal 6.2.0, which fixes multiple security issues and various bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

CVSS 9.8, AI score 7.5, EPSS 0.92712
Exploits: 24, References: 38