Glassfish Server@* Security Vulnerabilities and Issues — Glassfish Server@* CVE List

Lucene search

OracleGlassfish Server*

15 matches found

CVE•added 2011/12/30 1:55 a.m.•129 views

CVE-2011-5035

Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers...

5CVSS8.9AI score0.52412EPSS

CVE•added 2021/06/25 4:15 p.m.•110 views

CVE-2021-3314

Oracle GlassFish Server 3.1.2.18 and below allows /common/logViewer/logViewer.jsf XSS. A malicious user can cause an administrator user to supply dangerous content to the vulnerable page, which is then reflected back to the user and executed by the web browser. The most common mechanism for deliver...

6.1CVSS6AI score0.00182EPSS

CVE•added 2017/01/27 10:59 p.m.•75 views

CVE-2016-5528

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise O...

9CVSS8.9AI score0.00913EPSS

CVE•added 2018/10/17 1:31 a.m.•72 views

CVE-2018-2911

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server....

8.3CVSS7.6AI score0.01629EPSS

CVE•added 2017/10/19 5:29 p.m.•70 views

CVE-2017-10391

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish S...

7.5CVSS6.4AI score0.00682EPSS

CVE•added 2017/10/19 5:29 p.m.•68 views

CVE-2017-10400

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration Graphical User Interface). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Or...

5.8CVSS4.9AI score0.00395EPSS

CVE•added 2017/01/27 10:59 p.m.•65 views

CVE-2017-3250

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish ...

7.5CVSS7AI score0.00713EPSS

CVE•added 2017/10/19 5:29 p.m.•62 views

CVE-2017-10385

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Web Container). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Se...

6.8CVSS5.6AI score0.0039EPSS

CVE•added 2017/10/19 5:29 p.m.•62 views

CVE-2017-10393

6.8CVSS5.8AI score0.00405EPSS

CVE•added 2018/10/17 1:31 a.m.•61 views

CVE-2018-3152

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server. Su...

7.5CVSS7AI score0.01519EPSS

CVE•added 2017/01/27 10:59 p.m.•56 views

CVE-2017-3249

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via LDAP to compromise Oracle GlassFish ...

7.5CVSS7AI score0.0076EPSS

CVE•added 2017/04/24 7:59 p.m.•55 views

CVE-2017-3626

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Java Server Faces). The supported version that is affected is 3.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle G...

3.1CVSS1.9AI score0.00473EPSS

CVE•added 2018/10/17 1:31 a.m.•55 views

CVE-2018-3210

5.3CVSS4.4AI score0.00734EPSS

CVE•added 2017/01/27 10:59 p.m.•53 views

CVE-2017-3247

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via SMTP to compromise Oracle GlassFish Serv...

4.3CVSS4.6AI score0.00506EPSS

CVE•added 2017/01/27 10:59 p.m.•50 views

CVE-2017-3239

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle GlassFish Server...

3.3CVSS4.1AI score0.00036EPSS