Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jboss vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-2006
JBOSS 3.2.2 up to and including 3.2.7 and 4.0.2 allows remote malicious users to obtain sensitive information via a GET request (1) with a "%." (percent dot), which reveals the installation path or (2) with a % (percent) before a filename, which reveals the contents of ...
Jboss Jboss 3.2.2
Jboss Jboss 3.2.5
Jboss Jboss 3.2.6
Jboss Jboss 3.2.7
Jboss Jboss 4.0.2
Jboss Jboss 3.2.3
Jboss Jboss 3.2.4
1 EDB exploit
2 Github repositories
7.5
CVSSv2
CVE-2006-5750
Directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server (jbossas) 3.2.4 up to and including 4.0.5 allows remote authenticated users to read or modify arbitrary files, and possibly execute arbitrary code, via unspecified vectors related ...
Jboss Jboss Application Server 4.0.0 Final
Jboss Jboss Application Server 4.0.1 Final
Jboss Jboss Application Server 4.0.1 Sp1
Jboss Jboss Application Server 4.0.2 Final
Jboss Jboss Application Server 3.2.5 Final
Jboss Jboss Application Server 3.2.6 Final
Jboss Jboss Application Server 3.2.7 Final
Jboss Jboss Application Server 4.0.3 Final
Jboss Jboss Application Server 4.0.4.ga
Jboss Jboss Application Server 3.2.8.sp1
Jboss Jboss Application Server 3.2.8 Final
Jboss Jboss Application Server 4.0.5.ga
6
CVSSv2
CVE-2007-1354
The Access Control functionality (JMXOpsAccessControlFilter) in JMX Console in JBoss Application Server 4.0.2 and 4.0.5 prior to 20070416 uses a member variable to store the roles of the current user, which allows remote authenticated administrators to trigger a race condition an...
Jboss Jboss Application Server 4.0.2.ga Cp02
Jboss Jboss Application Server 4.0.2.ga Cp03
Jboss Jboss Application Server 4.0.2.ga Cp04
Jboss Jboss Application Server 4.0.5.ga
Jboss Jboss Application Server 4.0.5 Cp01
Jboss Jboss Application Server 4.0.5 Cp02
7.5
CVSSv2
CVE-2003-0845
Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote malicious users to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP po...
Jboss Jboss 3.0.8
Jboss Jboss 3.2.1
1 EDB exploit
9
CVSSv2
CVE-2016-6330
The server in Red Hat JBoss Operations Network (JON), when SSL authentication is not configured for JON server / agent communication, allows remote malicious users to execute arbitrary code via a crafted HTTP request, related to message deserialization. NOTE: this vulnerability e...
Redhat Jboss Operations Network 3.0
Redhat Jboss Operations Network 3.3.4
Redhat Jboss Operations Network 3.3.5
Redhat Jboss Operations Network 3.1
Redhat Jboss Operations Network 3.3.2
Redhat Jboss Operations Network 3.2.0
Redhat Jboss Operations Network 3.2.2
Redhat Jboss Operations Network 3.0.1
Redhat Jboss Operations Network 3.2.3
Redhat Jboss Operations Network 3.1.2
Redhat Jboss Operations Network 3.3.1
Redhat Jboss Operations Network 3.2.1
Redhat Jboss Operations Network 3.1.1
Redhat Jboss Operations Network 3.3.6
Redhat Jboss Operations Network 3.1.4
Redhat Jboss Operations Network 3.3.3
7.6
CVSSv2
CVE-2007-1157
Cross-site request forgery (CSRF) vulnerability in jmx-console/HtmlAdaptor in JBoss allows remote malicious users to perform privileged actions as administrators via certain MBean operations, a different vulnerability than CVE-2006-3733.
Jboss Jboss
5
CVSSv2
CVE-2012-5626
EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs a...
Redhat Jboss Brms 5
Redhat Jboss Enterprise Application Platform 5.0.0
Redhat Jboss Enterprise Web Server 1.0.0
Redhat Jboss Operations Network 3.1
Redhat Jboss Portal 4.0.0
Redhat Jboss Portal 5.0.0
Redhat Jboss Soa Platform 4.2
Redhat Jboss Soa Platform 4.3
Redhat Jboss Soa Platform 5
5.8
CVSSv2
CVE-2012-0062
Red Hat JBoss Operations Network (JON) prior to 2.4.2 and 3.0.x prior to 3.0.1 allows remote malicious users to hijack agent sessions via an agent registration request without a security token.
Redhat Jboss Operations Network 2.0.0
Redhat Jboss Operations Network 3.0
Redhat Jboss Operations Network
Redhat Jboss Operations Network 2.4
Redhat Jboss Operations Network 2.3.1
Redhat Jboss Operations Network 2.2
Redhat Jboss Operations Network 2.0.1
Redhat Jboss Operations Network 2.3
Redhat Jboss Operations Network 2.1.0
5.8
CVSSv2
CVE-2012-1100
Red Hat JBoss Operations Network (JON) 3.0.x prior to 3.0.1, 2.4.2, and previous versions, when LDAP authentication is enabled and the LDAP bind account credentials are invalid, allows remote malicious users to login to LDAP-based accounts via an arbitrary password in a login req...
Redhat Jboss Operations Network 3.0
Redhat Jboss Operations Network
Redhat Jboss Operations Network 2.0.1
Redhat Jboss Operations Network 2.0.0
Redhat Jboss Operations Network 2.4
Redhat Jboss Operations Network 2.3
Redhat Jboss Operations Network 2.1.0
Redhat Jboss Operations Network 2.3.1
Redhat Jboss Operations Network 2.2
5.8
CVSSv2
CVE-2012-0052
Red Hat JBoss Operations Network (JON) prior to 2.4.2 and 3.0.x prior to 3.0.1 does not check the JON agent key, which allows remote malicious users to spoof the identity of arbitrary agents via the registered agent name.
Redhat Jboss Operations Network
Redhat Jboss Operations Network 2.4
Redhat Jboss Operations Network 2.3.1
Redhat Jboss Operations Network 2.3
Redhat Jboss Operations Network 2.2
Redhat Jboss Operations Network 2.1.0
Redhat Jboss Operations Network 2.0.0
Redhat Jboss Operations Network 3.0
Redhat Jboss Operations Network 2.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »