Lucene search
K

51 matches found

CNVD
CNVD
added 2021/01/29 12:0 a.m.11 views

IBM MQ Remote Code Execution Vulnerability

IBM MQ IBM WebSphere MQ is a messaging middleware product from IBM. The product is mainly for the service-oriented architecture SOA to provide a reliable and proven messaging backbone. A remote code execution vulnerability exists in IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD, which is caused ...

10CVSS7.9AI score0.0769EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/04/30 12:0 a.m.5 views

The vulnerability of the Fabric Layer sub-component of the software package for building and deploying service-oriented architecture, Oracle SOA Suite, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Fabric Layer sub-component of the software package for building and deploying service-oriented architecture of Oracle SOA Suite is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized...

5.3CVSS6.3AI score0.01227EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2017/10/18 12:0 a.m.3 views

Unspecified Vulnerability in Oracle SOA Suite

Oracle Fusion Middleware is Oracle's business innovation platform for enterprise and cloud environments that provides middleware, software collections, and more.Oracle SOA Suite is one of the Service Oriented Architecture SOA components for building, deploying, and managing service-oriented...

8.2CVSS6.9AI score0.01889EPSS
Exploits0References1
OSV
OSV
added 2016/07/21 10:12 a.m.2 views

CVE-2016-3496

Unspecified vulnerability in the Enterprise Manager for Fusion Middleware component in Oracle Enterprise Manager Grid Control 11.1.1.7, and 11.1.1.9 allows remote attackers to affect confidentiality via vectors related to SOA Topology Viewer...

4.7CVSS5.8AI score0.02014EPSS
Exploits0References4
Kitploit
Kitploit
added 2015/11/05 10:12 p.m.23 views

Toxy - Hackable Http Proxy To Simulate Server Failure Scenarios And Network Conditions

Toxy is a fully programmatic and hackable HTTP proxy to simulate server failure scenarios and unexpected network conditions , built for node.js / io.js . It was mainly designed for fuzzing/evil testing purposes, when toxy becomes particularly useful to cover fault tolerance and resiliency...

7.1AI score
Exploits0References15
Kitploit
Kitploit
added 2015/05/26 9:38 p.m.25 views

WS-Attacker - Modular Framework for Web Services Penetration Testing

XML-based SOAP Web Services are a widely used technology, which allows the users to execute remote operations and transport arbitrary data. It is currently adapted in Service Oriented Architectures, cloud interfaces, management of federated identities, eGovernment, or millitary services. The wide...

8.6AI score
Exploits0
CNVD
CNVD
added 2015/01/22 12:0 a.m.5 views

Unspecified Vulnerability in Oracle SOA Suite Fabric Layer Subcomponent

Oracle SOA Suite is a comprehensive, hot-pluggable software suite for building, deploying, and managing service-oriented architectures SOA. A security vulnerability exists in the Oracle SOA Suite Fabric Layer subcomponent that could be exploited by remote attackers to compromise system...

3.5CVSS6.8AI score0.0103EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2013/01/24 6:52 p.m.8 views

JBoss: AuthorizationInterceptor allows JMX operation to proceed despite authorization failure

The AuthorizationInterceptor in JBoss Enterprise Application Platform EAP before 5.2.0, Web Platform EWP before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 does not properly restrict access, which allows remote authenticated users to bypass intended role restrictions and...

4.9CVSS6.4AI score0.02178EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/01/24 6:31 p.m.5 views

JGroups diagnostics service enabled by default with no authentication when a JGroups channel is started

JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a...

3.3CVSS6.3AI score0.01448EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2013/01/24 6:7 p.m.6 views

JGroups diagnostics service enabled by default with no authentication when a JGroups channel is started

JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a...

3.3CVSS6.3AI score0.01448EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2012/11/23 12:0 a.m.2 views

PT-2012-1581 · Red Hat +1 · Jboss Enterprise Portal Platform +3

Name of the Vulnerable Software and Affected Versions: JBoss Enterprise Portal Platform versions prior to 5.2.2 BRMS Platform 5.3.0 before roll up patch 1 SOA Platform 5.3.0 before roll up patch 1 Description: A cross-site request forgery CSRF issue exists in the JMX Console, allowing remote...

6CVSS6AI score0.01567EPSS
Exploits0References19
Rows per page
Query Builder