Lucene search
+L

19 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-5217

Malware in sbrugna...

5CVSS9.1AI score0.02978EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2015-5189

Malware in sbrugna...

6.8CVSS8.9AI score0.01138EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2024/10/14 6:1 p.m.40 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

7.5CVSS6.7AI score0.33623EPSS
Exploits5References20
OSV
OSV
added 2024/09/29 5:24 p.m.37 views

RHSA-2020:0159 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 6 security update

Bulletin has no description...

8.1CVSS7.5AI score0.10763EPSS
Exploits2References76
OSV
OSV
added 2024/09/29 5:11 p.m.20 views

RHSA-2017:3216 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.18 security update

Bulletin has no description...

6.5CVSS6.5AI score0.02457EPSS
Exploits0References9
OSV
OSV
added 2024/09/15 6:21 p.m.30 views

RHSA-2010:0378 Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0.CP09 update

Bulletin has no description...

7.5CVSS6.2AI score0.79415EPSS
Exploits34References19
Veracode
Veracode
added 2019/01/15 9:24 a.m.35 views

Arbitrary Code Execution

jbossas is vulnerable to arbitrary code execution attacks. The vulnerability exists as Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it...

9.8CVSS9.7AI score0.90713EPSS
Exploits14References7Affected Software1
NVD
NVD
added 2017/10/04 9:1 p.m.22 views

CVE-2017-12149

In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization and thus allowing an attacker to execute arbitrary code vi...

9.8CVSS9.8AI score0.90713EPSS
Exploits14References6
UbuntuCve
UbuntuCve
added 2017/10/04 9:1 p.m.41 views

CVE-2017-12149

In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization and thus allowing an attacker to execute arbitrary code vi...

9.8CVSS7.4AI score0.90713EPSS
Exploits14References3
VulnCheck KEV
VulnCheck KEV
added 2016/03/25 12:0 a.m.4 views

VulnCheck KEV: CVE-2015-5188

Cross-site request forgery CSRF vulnerability in the Web Console web-console in Red Hat Enterprise Application Platform before 6.4.4 and WildFly formerly JBoss Application Server before 2.0.0.CR9 allows remote attackers to hijack the authentication of administrators for requests that make...

6.8CVSS7.3AI score0.01138EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/11/24 12:0 a.m.61 views

RHEL 5 / 6 / 7 : JBoss EAP (RHSA-2015:2500)

Updated packages for the Apache commons-collections library for Red Hat JBoss Enterprise Application Platform 6.4, which fix one security issue, are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. A Common...

10CVSS7.5AI score0.83274EPSS
Exploits8References4
seebug.org
seebug.org
added 2015/11/18 12:0 a.m.11 views

Red Hat Enterprise Application Platform跨站请求伪造漏洞

No description provided by source...

7.1AI score
Exploits0
NVD
NVD
added 2015/10/27 4:59 p.m.21 views

CVE-2015-5188

Cross-site request forgery CSRF vulnerability in the Web Console web-console in Red Hat Enterprise Application Platform before 6.4.4 and WildFly formerly JBoss Application Server before 2.0.0.CR9 allows remote attackers to hijack the authentication of administrators for requests that make arbitra...

6.8CVSS7AI score0.01138EPSS
Exploits0References8
CVE
CVE
added 2015/10/27 4:0 p.m.97 views

CVE-2015-5220

CVE-2015-5220 affects Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6.4.4, and WildFly, where the Web Console could cause memory exhaustion (DoS) by processing a large request header. The root cause is improper handling of large HTTP headers in the EAP Web Console. The published ...

5CVSS8.8AI score0.02978EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2015/10/27 4:0 p.m.79 views

CVE-2015-5188

CVE-2015-5188 describes a Cross‑Site Request Forgery (CSRF) vulnerability in the Web Console (web-console) of Red Hat JBoss Enterprise Application Platform (EAP) 6.x prior to 6.4.4 and WildFly prior to 2.0.0.CR9. The underlying issue is CSRF via multipart/form-data file uploads, allowing remote a...

6.8CVSS9.4AI score0.01138EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2015/04/21 5:59 p.m.18 views

CVE-2014-3586

The default configuration for the Command Line Interface in Red Hat Enterprise Application Platform before 6.4.0 and WildFly formerly JBoss Application Server uses weak permissions for .jboss-cli-history, which allows local users to obtain sensitive information via unspecified vectors...

2.1CVSS5.4AI score0.00372EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2012/06/20 3:56 p.m.29 views

Important: Red Hat Security Advisory: jbossas security update

An update for JBoss Enterprise Application Platform 5.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which giv...

7.5CVSS5.8AI score0.03521EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2011/09/15 7:8 p.m.45 views

Important: Red Hat Security Advisory: jbossws-common security update

An updated JBoss Enterprise Application Platform 4.3 that fixes one security issue is now available from the Red Hat Customer Portal as JBoss Enterprise Application Platform 4.3.0 Cumulative Patch 10. The Red Hat Security Response Team has rated this update as having important security impact. A...

5CVSS5.8AI score0.02664EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2011/02/10 7:41 p.m.50 views

Important: Red Hat Security Advisory: jbossweb security update

A patch for JBoss Enterprise Application Platform 4.2.0.CP09, 4.3.0.CP09, and 5.1 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CV...

5CVSS6AI score0.2349EPSS
Exploits1References2
Rows per page
Query Builder