Enterprise Application Platform Security Vulnerabilities

CVE-2008-3273

JBoss Enterprise Application Platform (aka JBossEAP or EAP) before 4.2.0.CP03, and 4.3.0 before 4.3.0.CP01, allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string.

AI Score: 5.8

EPSS: 0.006

2008-08-10 08:41 PM

CVE-2016-2094

The HTTPS NIO Connector allows remote attackers to cause a denial of service (thread consumption) by opening a socket and not sending an SSL handshake, aka a read-timeout vulnerability.

CVSS: 7.5

AI Score: 7.2

EPSS: 0.023

2016-05-06 05:59 PM

CVE-2020-1710

The issue appears to be that JBoss EAP 6.4.21 does not parse the field-name in accordance with RFC7230[1], as it returns a 200 instead of a 400.

CVSS: 5.3

AI Score: 4.9

EPSS: 0.001

2020-09-16 03:15 PM