Lucene search
+L

715 matches found

osv
osv
added 2016/09/07 6:59 p.m.4 views

DEBIAN-CVE-2016-6345

RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" in async jobs...

6.5CVSS6.5AI score0.01497EPSS
Exploits0References1
prion
prion
added 2016/09/07 6:59 p.m.13 views

Design/Logic Flaw

RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" in async jobs...

4CVSS6.2AI score0.01497EPSS
Exploits0References2
prion
prion
added 2016/09/07 6:59 p.m.19 views

Design/Logic Flaw

RESTEasy enables GZIPInterceptor, which allows remote attackers to cause a denial of service via unspecified vectors...

5CVSS7AI score0.04913EPSS
Exploits0References15
ubuntucve
ubuntucve
added 2016/09/07 6:59 p.m.17 views

CVE-2016-6345

RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" in async jobs...

6.5CVSS6.8AI score0.01497EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2016/09/07 6:59 p.m.27 views

CVE-2016-6346

RESTEasy enables GZIPInterceptor, which allows remote attackers to cause a denial of service via unspecified vectors...

7.5CVSS7.2AI score0.04913EPSS
Exploits0References3
osv
osv
added 2016/09/07 6:59 p.m.4 views

UBUNTU-CVE-2016-6345

RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" in async jobs...

6.5CVSS6.9AI score0.01497EPSS
Exploits0References4
osv
osv
added 2016/09/07 6:59 p.m.3 views

UBUNTU-CVE-2016-6346

RESTEasy enables GZIPInterceptor, which allows remote attackers to cause a denial of service via unspecified vectors...

7.5CVSS7.2AI score0.04913EPSS
Exploits0References4
cve
cve
added 2016/09/07 6:0 p.m.78 views

CVE-2016-6345

RESTEasy vulnerability CVE-2016-6345 is confirmed in connected documents as a flaw where remote authenticated users could obtain sensitive information due to insufficient use of random values in asynchronous jobs. The Ubuntu advisory USN-7630-1 and related Nessus/OpenVAS entries reference this CV...

6.5CVSS5.9AI score0.01497EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2016/09/07 6:0 p.m.20 views

CVE-2016-6345

RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" in async jobs...

6AI score0.01497EPSS
Exploits0References2
debiancve
debiancve
added 2016/09/07 6:0 p.m.37 views

CVE-2016-6345

RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" in async jobs...

6.5CVSS6.3AI score0.01497EPSS
Exploits0
cvelist
cvelist
added 2016/09/07 6:0 p.m.30 views

CVE-2016-6346

RESTEasy enables GZIPInterceptor, which allows remote attackers to cause a denial of service via unspecified vectors...

7.3AI score0.04913EPSS
Exploits0References15
debiancve
debiancve
added 2016/09/07 6:0 p.m.71 views

CVE-2016-6346

RESTEasy enables GZIPInterceptor, which allows remote attackers to cause a denial of service via unspecified vectors...

7.5CVSS7.5AI score0.04913EPSS
Exploits0
cve
cve
added 2016/09/07 6:0 p.m.147 views

CVE-2016-6346

CVE-2016-6346 affects RESTEasy: enabling a vulnerable GZIP decompression path can cause a denial of service via unspecified vectors. The Ubuntu advisory USN-7630-1 documents RESTEasy vulnerabilities including CVE-2016-6346 and notes affected Ubuntu releases; Nessus/OSS advisories reference unpatc...

7.5CVSS7.2AI score0.04913EPSS
Exploits0References15Affected Software1
cnvd
cnvd
added 2016/09/07 12:0 a.m.5 views

RESTEasy Cross-Site Scripting Vulnerability

RESTEasy is an open source architecture for building web framework applications. RESTEasy suffers from a cross-site scripting vulnerability due to a failure to properly filter user-supplied input. An attacker could be allowed to exploit the vulnerability to steal cookie-based authentication...

6.1CVSS6.8AI score0.01553EPSS
Exploits0References1
cnvd
cnvd
added 2016/09/06 12:0 a.m.4 views

Red Hat RESTEasy Information Disclosure Vulnerability

RESTEasy is one of the JBoss open source project , is a RESTful Web Services framework. Red Hat RESTEasy information disclosure vulnerability exists. Attackers can use this vulnerability to obtain sensitive information...

6.5CVSS6.2AI score0.01497EPSS
Exploits0References1
cnvd
cnvd
added 2016/09/06 12:0 a.m.35 views

Red Hat RESTEasy Denial of Service Vulnerability

RESTEasy is one of the JBoss open source project , is a RESTful Web Services framework. A denial of service vulnerability exists in Red Hat RESTEasy. An attacker could exploit this vulnerability to cause a denial of service...

7.5CVSS7.4AI score0.04913EPSS
Exploits0References1
redhatcve
redhatcve
added 2016/09/01 1:48 a.m.23 views

CVE-2016-6348

It was found that in some configurations the JacksonJsonpInterceptor is activated by default in RESTEasy. An attacker could use this flaw to launch a Cross Site Scripting Inclusion attack...

6.1CVSS1.7AI score0.01315EPSS
Exploits0References1
redhatcve
redhatcve
added 2016/09/01 1:18 a.m.24 views

CVE-2016-6347

It was found that the default exception handler in RESTEasy did not properly validate user input. An attacker could use this flaw to launch a relected XSS attack...

6.1CVSS2.2AI score0.01553EPSS
Exploits0References1
redhatcve
redhatcve
added 2016/09/01 12:48 a.m.23 views

CVE-2016-6345

It was found that there was insufficient use of randam values in RESTEasy async jobs. An attacker could use this flaw to steal user data. Mitigation Dont enable Async Jobs Service as details in the section, "2.10. RESTEASY ASYNCHRONOUS JOB SERVICE" of JBoss EAP 7 Developing Web Services...

6.5CVSS1AI score0.01497EPSS
Exploits0References1
openvas
openvas
added 2015/10/06 12:0 a.m.24 views

Oracle: Security Advisory (ELSA-2014-1011)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS9.6AI score0.04572EPSS
Exploits0References2
Rows per page
Query Builder